2 matches found
CVE-2018-19089
tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/saverole name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\userlist.jsp...
CVE-2018-19089
CVE-2018-19089 affects the Tianti CMS 2.3 series. A stored XSS vulnerability exists in the userlist module triggered via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp. The impact is cross-sit...