TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/155376/TemaTres-3.0-Cross-Site-Scripting.html | Exploit Mailing List Third Party Advisory VDB Entry |
https://github.com/tematres/TemaTres-Vocabulary-Server/commits/master | Patch Third Party Advisory |
https://medium.com/%40Pablo0xSantiago/cve-2019-14343-ebc120800053 | |
https://sourceforge.net/p/tematres/mailman/tematres-help/ | Mailing List Third Party Advisory |
https://www.hackpuntes.com | Not Applicable Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-15T13:00:01
Updated: 2019-11-18T16:07:02
Reserved: 2019-07-28T00:00:00
Link: CVE-2019-14343
JSON object: View
NVD Information
Status : Modified
Published: 2019-11-15T13:15:10.607
Modified: 2023-11-07T03:04:53.363
Link: CVE-2019-14343
JSON object: View
Redhat Information
No data.
CWE