2 matches found
CVE-2018-7997
Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript...
CVE-2018-7997
Eramba e1.0.6.033 is affected by a Reflected XSS vulnerability on the Error page of the CSV file inclusion tab at /importTool/preview, triggered by a maliciously crafted CSV file. The issue stems from improper input handling in the CSV import preview flow, allowing injected JavaScript to be refle...