Cross site scripting

2018-08-0321:29:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.5%

JSON

Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf “Nome Completo” (aka user fullname) field.

CPENameOperatorVersion
bancoeq1.0.0

CPE	Name	Operator	Version
	banco	eq	1.0.0

References

exchange.xforce.ibmcloud.com/vulnerabilities/147963

medium.com/stolabs/security-issues-on-matera-systems-fba14d207dc9