2 matches found
CVE-2018-16519
COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting XSS via URLs used by "iFrame" widgets...
CVE-2018-16519
CVE-2018-16519 affects COYO: versions 9.0.8, 10.0.11 and 12.0.4. The root cause is missing URL validation in COYO’s handling of URLs used by iFrame widgets, enabling cross-site scripting (XSS). Documented impact is cross-site scripting within the web application; exploitation details are not prov...