The vulnerability of the software component /admin/conferences/list/ of the TrueConf Server, which allows a hacker to perform cross-site scripting attacks

The vulnerability of the /admin/general/change-lang component of the TrueConf Server lies in the lack of measures taken to eliminate script-related HTML tags on the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

Vulnerability of the software component /admin/conferences/get-all-status/ of TrueConf Server, which allows a hacker to perform cross-site scripting attacks

The vulnerability of the TrueConf Server software’s /admin/conferences/get-all-status/ component is related to the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...

CVE-2017-20118

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...

CVE-2017-20115

A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting Reflected. The attack may be initiated remotely. The exploit...

Cross site scripting

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...

TrueConf Server 跨站脚本漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to a cross-site scripting vulnerability stemming from certain unknown processing of the file /admin/conferences/list/, where parameter ordering...

PT-2022-3297 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server version 4.3.7 Description: The issue is related to the lack of neutralization of script-related HTML tags on a web page, specifically affecting the /admin/conferences/list/ file. The manipulation of the sort argument leads to...

PT-2022-7987 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server version 4.3.7 Description: A problematic issue affects some unknown functionality of the file "/admin/conferences/list/". The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be...