A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
References
Link | Resource |
---|---|
https://sourceforge.net/p/wikindx/code/2624/ | Patch Third Party Advisory |
https://sourceforge.net/p/wikindx/code/2656/ | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-26T18:45:13
Updated: 2019-03-28T13:23:08
Reserved: 2019-03-23T00:00:00
Link: CVE-2019-9961
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-26T19:29:03.163
Modified: 2019-03-29T17:09:49.663
Link: CVE-2019-9961
JSON object: View
Redhat Information
No data.
CWE