Lucene search

CVE-2018-8903

🗓️ 22 Mar 2018 21:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov👁 41 Views🌐 WEB

Open-AudIT Professional 2.1 XSS via Name or Description fiel

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
0day.today	Open-AuditIT Professional 2.1 - Cross-Site Scripting Vulnerability	29 Mar 201800:00	–	zdt
Cvelist	CVE-2018-8903	22 Mar 201821:00	–	cvelist
Packet Storm	Open-AuditIT Professional 2.1 Cross Site Scripting	28 Mar 201800:00	–	packetstorm
exploitpack	Open-AuditIT Professional 2.1 - Cross-Site Scripting	28 Mar 201800:00	–	exploitpack
Prion	Cross site scripting	22 Mar 201821:29	–	prion
NVD	CVE-2018-8903	22 Mar 201821:29	–	nvd
Exploit DB	Open-AuditIT Professional 2.1 - Cross-Site Scripting	28 Mar 201800:00	–	exploitdb

Nvd

Node

open-audit open-auditMatch2.1professional

Source	Link
exploit-db	www.exploit-db.com/exploits/44354/
nileshsapariya	www.nileshsapariya.blogspot.ae/2018/03/csrf-to-xss-open-auditit-professional-21.html

Parameter	Position	Path	Description	CWE
Name	request body	/omk/open-audit/credentials	Stored Cross-Site Scripting (XSS) vulnerability allows attackers to inject malicious scripts.	CWE-79
Description	request body	/omk/open-audit/credentials	Stored Cross-Site Scripting (XSS) vulnerability allows attackers to inject malicious scripts.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Mar 2018 21:29Current

5.2Medium risk

Vulners AI Score5.2

CVSS23.5

CVSS35.4

EPSS0.00194

CWE-79