6 matches found
CVE-2017-14715
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter...
CVE-2017-14714
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter...
Cross site scripting
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter...
CVE-2017-14712
Affected product: EPESI 1.8.2 rev20170830. Vulnerability: Stored XSS in the Tasks Phonecall Notes Title parameter. Root cause (per sources): unescaped input in that field allows script injection, enabling arbitrary script execution in the context of the user. Impact: described as cross-site scrip...
CVE-2017-14717
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter...
CVE-2017-14715
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter...