CVE-2019-7655

2020-01-29T16:15:00
ID CVE-2019-7655
Type cve
Reporter cve@mitre.org
Modified 2020-01-31T13:41:00

Description

Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form.