2 matches found
CanalDenuncia App Information Disclosure Vulnerability
CanalDenuncia App is a reporting channel application from CanalDenuncia Spain. The CanalDenuncia App suffers from an information disclosure vulnerability caused by incorrect authorization validation of the parameter email in /backend/api/users/searchUserByEmail.php, which can be exploited by an...
TYPO3 cross-site scripting vulnerability (CNVD-2019-41236)
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the back-end search box in TYPO3 versions prior to 4.4.1. The vulnerability stems from a lack of proper validation of client-side data by the...