An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
References
Link | Resource |
---|---|
https://github.com/thinksaas/ThinkSAAS/issues/21 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-21T17:44:59
Updated: 2019-09-21T17:44:59
Reserved: 2019-09-21T00:00:00
Link: CVE-2019-16665
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-09-21T18:15:11.680
Modified: 2019-09-23T13:00:01.447
Link: CVE-2019-16665
JSON object: View
Redhat Information
No data.
CWE