2 matches found
ObjectPlanet Opinio 7.6.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Vendor: ObjectPlanet Product: Opinio Version: Up to 7.6.3 inclusive Homepage: http://www.objectplanet.com/opinio/ CVE: CVE-2017-10798 Description ================ Reflected XSS vulnerability in ObjectPlanet Opinio up to version 7.6.3...
CVE-2017-10798
ObjectPlanet Opinio vulnerable to a reflected XSS in versions up to 7.6.3, fixed in 7.6.4. The issue affects the /admin/reportPortal.do page via the userLanguage GET parameter, exploitable by remote unauthenticated users. Proof-of-concept shows a crafted input can trigger script execution; upgrad...