3 matches found
CVE-2014-4857
Cross-site scripting XSS vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity...
CVE-2014-4857
Gurock TestRail prior to 3.1.3 is affected by a cross-site scripting (XSS) vulnerability due to improper sanitization of the Created By field in project activities. The flaw enables script or HTML injection in the browser context of authenticated users, with evidence from multiple sources noting ...
TestRail cross-site scripting vulnerability
Overview TestRail version 3.1.1.3130 contains a cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Gurock Software TestRail version 3.1.1.3130 contains a stored cross-site scripting vulnerability. The Created ...