5 matches found
EUVD-2017-15616
Malware in sbrugna...
Cross site scripting
XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif=XSS attack...
CVE-2017-6562
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=XSS attack...
CVE-2017-6561
CVE-2017-6561 : The connected sources confirm a cross-site scripting (XSS) vulnerability in Agora-Project version 3.2.2, exploitable via an index.php?ctrl=object&action=[XSS] parameter. The reports do not provide remediation details or confirm exploitation status. No other concrete technical spec...
CVE-2017-6559
The CVE-2017-6559 entry documents a cross-site scripting (XSS) flaw in Agora-Project 3.2.2. The vulnerable vector is index.php?disconnect=1&msgNotif[]=[XSS], where user-supplied data is reflected into the page without sufficient sanitization. The impact is indicated as low confidentiality and low...