2 matches found
CVE-2018-9130
IBOS 4.4.3 has XSS via a company full name...
CVE-2018-9130
IBOS 4.4.3 has a cross-site scripting (XSS) vulnerability that can be triggered via the company full name. The CNVD entry states a remote attacker can inject arbitrary Web script or HTML using the company name, indicating a client-side script execution vulnerability. No remediation details are pr...