2 matches found
CVE-2017-20113
TrueConf Server 4.3.7 is affected by a stored cross-site scripting vulnerability due to inadequate sanitization in multiple inputs (e.g., redirect_url and other parameters) in the web interface. The issue potentially allows remote attackers to execute arbitrary HTML/JS in a user’s browser session...
CVE-2017-20113 TrueConf Server Stored cross site scripting
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...