3 matches found
CVE-2022-34768 Synel - eHarmony Stored XSS
insert HTML / js code inside input how to get to the vulnerable input : Workers worker nickname inject in this input the code...
Design/Logic Flaw
SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system...
PT-2021-21322 · Synel · Synel Reports +1
Name of the Vulnerable Software and Affected Versions: SYNEL eharmonynew versions prior to 11 Synel Reports versions prior to 11 Synel Reports version 8.0.2 Description: The issue allows an attacker to log in to the system with default credentials and export a report of the eharmony system with...