CVE-2017-14850

2019-06-03T19:29:00
ID CVE-2017-14850
Type cve
Reporter cve@mitre.org
Modified 2019-06-04T19:47:00

Description

All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with access to the web interface is able to hijack sessions or navigate victims outside of SiteOmat, to a malicious server owned by him.