12 matches found
CVE-2024-37828
A stored cross-site scripting XSS in Vermeg Agile Reporter v23.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast Message module...
CVE-2024-37828
A stored cross-site scripting XSS in Vermeg Agile Reporter v23.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast Message module...
PT-2024-27770 · Vermeg · Vermeg Agilereporter
Name of the Vulnerable Software and Affected Versions: Vermeg Agile Reporter version 23.2.1 Description: The issue is a stored cross-site scripting XSS that allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG, Inc. A security vulnerability exists in VERMEG Agile Reporter version v23.2.1, which stems from the presence of stored cross-site scripting XSS that allows an attacker to inject a crafted payload to execute arbitrary web scrip...
CVE-2024-37828
CVE-2024-37828 describes a stored cross-site scripting (XSS) vulnerability in Vermeg Agile Reporter v23.2.1. The issue allows an attacker to inject crafted scripts/HTML into the Message field of the Set Broadcast Message module, potentially enabling script execution in a victim’s browser and mani...
CVE-2024-37828
A stored cross-site scripting XSS in Vermeg Agile Reporter v23.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast Message module...
CVE-2024-37828
A stored cross-site scripting XSS in Vermeg Agile Reporter v23.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast Message module...
CVE-2022-34834
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG, Inc. A security vulnerability exists in VERMEG Agile Reporter version 21.3 that originates from an administrator being able to inject cross-site scripting XSS into the Analysis component...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG. A security vulnerability exists in VERMEG Agile Reporter version 21.3 that originates from an attacker being able to gain privileges by injecting cross-site scripting XSS into an Add Comment operation in the Activity log...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG. A security vulnerability exists in VERMEG Agile Reporter version 21.3, which stems from an XML document via the Analysis component that can cause XML External Entity Injection XXE...
PT-2023-13422 · Vermeg · Vermeg Agilereporter
Name of the Vulnerable Software and Affected Versions: VERMEG AgileReporter version 21.3 Description: An issue was discovered in the Analysis component, allowing an admin to enter an XSS payload. Recommendations: For VERMEG AgileReporter version 21.3, consider restricting access to the Analysis...