2 matches found
Subrion 4.2.1 Cross Site Scripting
Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Date: 2019-10-07 Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Description : Allows XSS via the panel/members/ Username, Full...
CVE-2019-17225
CVE-2019-17225 affects Subrion 4.2.1. The vulnerability is a cross-site scripting (XSS) issue exposed via the panel/members/ fields for Username, Full Name, or Email (Admin Member JSON Update). The available documents confirm the affected product and the vulnerable input surface but do not provid...