6Kare Emakin 5.0.341.0 is affected by Cross Site Scripting (XSS) via the /rpc/membership/setProfile DisplayName field, which is mishandled when rendering the Activity Stream page.
References
Link | Resource |
---|---|
https://gist.github.com/mhmtayberk/969add4b6c77f122a3a3a0cb00e2975b | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-16T19:37:31
Updated: 2022-09-16T19:37:31
Reserved: 2020-09-14T00:00:00
Link: CVE-2020-25491
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-16T20:15:09.903
Modified: 2022-09-21T15:32:39.367
Link: CVE-2020-25491
JSON object: View
Redhat Information
No data.
CWE