3 matches found
CVE-2019-16238
Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login...
CVE-2019-16238
Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login...
CVE-2019-16238
CVE-2019-16238 affects Afterlogic Aurora up to version 8.3.9-build-a3, where an XSS vulnerability can be exploited to hijack an administrator session by retrieving the login session cookie. Root cause: insufficient input sanitization enabling script execution in the admin login flow. Impact: pote...