Lucene search
PRIOn knowledge basePRION:CVE-2018-9155HistoryApr 12, 2018 - 3:29 p.m.
Cross site scripting
2018-04-1215:29:00
PRIOn knowledge base
www.prio-n.com
5
0.001 Low
EPSS
Percentile
43.2%
Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin->Logs section (with a logs?logs.type= URI) and the Manage->Attributes section (via the “Name (display)” field to the attributes/create URI).
| CPE | Name | Operator | Version |
|---|---|---|---|
| open-audit | eq | 2.1.1 |
Related
cve
cve
CVE-2018-9155
2018-04-12 15:29:00
zdt
zdt
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting Vulnerability
2018-05-12 00:00:00
cvelist
cvelist
CVE-2018-9155
2018-04-12 15:00:00
packetstorm
packetstorm
Open-AudIT Professional 2.1.1 Cross Site Scripting
2018-05-13 00:00:00
exploitpack
exploitpack
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting
2018-05-11 00:00:00
nvd
nvd
CVE-2018-9155
2018-04-12 15:29:00
exploitdb
exploitdb
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting
2018-05-11 00:00:00