4 matches found
Open-AuditIT Professional 2.1 Cross Site Scripting
Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/ Version: 2.1 CVE : CVE-2018-8903...
Open-AuditIT Professional 2.1 - Cross-Site Scripting
Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/ Version: 2.1 CVE : CVE-2018-8903...
CVE-2018-8903
Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen...
CVE-2018-8903
CVE-2018-8903 affects Open-AuditIT/Open‑Audit Professional 2.1. The vulnerability is a stored XSS via the Name or Description fields on the Credentials page, stemming from insufficient input sanitization. Public references in the connected documents confirm exploitation guidance (stored XSS PoC) ...