Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-14228
HistoryJul 26, 2019 - 12:35 p.m.

CVE-2019-14228

2019-07-2612:35:46
mitre
www.cve.org

0.001 Low

EPSS

Percentile

31.1%

JSON

Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to the lack of CSRF protection on the admin/includes/adminprocess.php endpoint, an attacker is able to chain the XSS with CSRF in order to cause remote exploitation.

Related

prion 1
cve 1
nvd 1
prion
prion
Cross site request forgery (csrf)
2019-07-26 13:15:00
cve
cve
CVE-2019-14228
2019-07-26 13:15:12
nvd
nvd
CVE-2019-14228
2019-07-26 13:15:12

0.001 Low

EPSS

Percentile

31.1%

JSON
Related for CVELIST:CVE-2019-14228
prion1cve1nvd1