5 matches found
SpagoBI 4.0 - Persistent HTML Script Insertion
No description provided by source. 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability...
[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0
Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...
CVE-2013-6233
CVE-2013-6233 affects SpagoBI (Open Source BI suite). The vulnerability is a cross-site scripting (XSS) flaw in the input handling of the Description field in the Short document metadata, allowing remote attackers with authentication to inject arbitrary HTML/script. Technical description and advi...
SpagoBI 4.0 - Persistent HTML Script Insertion
SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...
SpagoBI 4.0 HTML Injection
Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...