2 matches found
CVE-2018-16654
Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1...
CVE-2018-16654
Zurmo 3.2.4 Stable is affected by a cross-site scripting (XSS) vulnerability in the endpoint app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1. The issue allows injection of scripts via crafted URL parameters, escalating potential to modify or exfiltrate data (per CVSS metr...