COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs used by "iFrame" widgets.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/151467/COYO-9.0.8-10.0.11-12.0.4-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
https://seclists.org/bugtraq/2019/Feb/0 | Exploit Mailing List Third Party Advisory |
https://www.coyoapp.de/en/blog | Vendor Advisory |
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-032.txt | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-17T21:39:01
Updated: 2019-03-18T14:24:59
Reserved: 2018-09-05T00:00:00
Link: CVE-2018-16519
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-21T16:00:22.310
Modified: 2019-03-21T19:09:09.900
Link: CVE-2018-16519
JSON object: View
Redhat Information
No data.
CWE