Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1. The browsing component did not properly sanitize user input (encoded in base64). This also applies to the search functionality for the searchKey parameter.
References
Link | Resource |
---|---|
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=42 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-30T18:31:21
Updated: 2019-10-30T18:34:57
Reserved: 2019-10-19T00:00:00
Link: CVE-2019-18205
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-30T19:15:10.937
Modified: 2019-11-01T19:22:07.623
Link: CVE-2019-18205
JSON object: View
Redhat Information
No data.
CWE