Lucene search
GoogleOSV:GHSA-79XR-V794-WQ35HistoryMay 24, 2022 - 5:24 p.m.
MunkiReport Managed Installs module Reflected Cross-Site Scripting (XSS) vulnerability
2022-05-2417:24:15
Google
osv.dev
6
munkireport
managed installs
xss
vulnerability
remote attackers
web script
html
installed packages
versions
software
A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (through which installed packages names and versions are reported).
References
github.com/munkireport/managedinstalls/commit/708f6a2abc4b80a3751bcc9cf896f80d84250c55
github.com/munkireport/managedinstalls/releases/tag/v2.6
github.com/munkireport/munkireport-php
github.com/munkireport/munkireport-php/releases/tag/v5.6.3
github.com/munkireport/munkireport-php/wiki/20200722-Reflected-XSS-In-Managedinstalls-Module
nvd.nist.gov/vuln/detail/CVE-2020-15883
Related
osv
osv
CVE-2020-15883
2020-07-23 14:15:12
prion
prion
Cross site scripting
2020-07-23 14:15:00
cve
cve
CVE-2020-15883
2020-07-23 14:15:12
nvd
nvd
CVE-2020-15883
2020-07-23 14:15:12
github
github
cvelist
cvelist
CVE-2020-15883
2020-07-23 13:42:39