4 matches found
Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php. id: CVE-2022-34093 info: name: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | Portal do...
CVE-2022-34093
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...
CVE-2022-34093
CVE-2022-34093 affects Software Publico Brasileiro i3geo v7.0.5. The connected documents confirm a cross-site scripting (XSS) vulnerability in access_token.php, allowing injection of malicious JavaScript that can run in users’ browsers and potentially steal session tokens or perform unauthorized ...
i3geo.mda.gov.br XSS vulnerability
Vulnerable URL: http://i3geo.mda.gov.br/i3geo/pacotes/linkedinoauth/example/accesstoken.php?=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...