5 matches found
CVE-2023-50924
Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the...
Input validation
Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the...
CVE-2023-50924 Stored XSS in Overview and Output fields
Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the...
CVE-2023-50924
CVE-2023-50924 affects the Englesystem shift planning system. Prior to v3.4.1, it performed insufficient validation of user-supplied data in the DECT number, mobile number, and work-log comment fields. This allowed an authenticated user to inject JavaScript into other users’ sessions, with the in...
PT-2023-31712 · Unknown · Englesystem
Name of the Vulnerable Software and Affected Versions: Englesystem versions prior to 3.4.1 Description: Englesystem is a shift planning system for chaos events. The system performed insufficient validation of user-supplied data for the DECT number, mobile number, and work-log comment fields. This...