Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror parameter in the /__r2/query endpoints.
CPE | Name | Operator | Version |
---|---|---|---|
labkey_server | eq | < 18.3.0-61806.763 |