Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user.
Vendor | Product | Version | CPE |
---|---|---|---|
pleasanter | pleasanter | 1.3.49.0 | cpe:2.3:a:pleasanter:pleasanter:1.3.49.0:*:*:*:*:*:*:* |
[
{
"vendor": "Implem Inc.",
"product": "Pleasanter ",
"versions": [
{
"version": "1.3.49.0 and earlier",
"status": "affected"
}
]
}
]