CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

CVE-2021-41557

CVE-2021-41557 affects Sofico Miles RIA 2020.2, build 127964T. The vulnerability is a Stored Cross Site Scripting (XSS) flaw in the work order number field within the damage reports section, exploitable by an attacker who already has a user account with IT or Fleet role access. The impact is desc...

Sofico Miles Ria跨站脚本漏洞

Sofico Miles Ria is a car rental management software from Sofico Belgium. A security vulnerability exists in Sofico Miles RIA version 2020.2 build 127964T, which allows an attacker to create a malicious work order in the damase report section or change an existing work order using a malicious...

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version: 2020.2 build 128076 or higher CVE number: CVE-2021-41557...