2 matches found
CVE-2019-13971
OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request...
CVE-2019-13971
OTCMS 3.81 contains a cross-site scripting (XSS) vulnerability in the web app: an XSS flaw via the mode parameter in apiRun.php?mudi=autoRun. Root cause is insufficient validation of client-side data, leading to possible execution of injected script. Affected component: OTCMS Web application; aff...