Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-41917
HistoryOct 08, 2021 - 4:15 p.m.

Cross site scripting

2021-10-0816:15:00
PRIOn knowledge base
www.prio-n.com
2

EPSS

0.001

Percentile

24.8%

webTareas version 2.4 and earlier allows an authenticated user to store arbitrary web script or HTML by creating or editing a client name in the clients section, due to incorrect sanitization of user-supplied data and achieve a Stored Cross-Site Scripting attack against the platform users and administrators. The affected endpoint is /clients/editclient.php, on the HTTP POST cn parameter.

EPSS

0.001

Percentile

24.8%

Related for PRION:CVE-2021-41917