K-Box is a web-based application used to manage document, image, video and geographic data. A cross-site scripting vulnerability exists in K-Box, which stems from the fact that the editors of the product’s user document summaries and markdown file previews do not securely handle special characters in user input data. An attacker could execute client-side code through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
k-box k-box | lt | 0.33.1 |