CVE-2019-19855
CVE-2019-19855 affects Serpico (SimplE RePort wrIting and CollaboratiOn tool) v1.3.0. The vulnerability is a stored XSS in admin/list_user exploitable via the auth_type parameter. This is due to improper input handling in that endpoint, enabling script execution in a victim’s browser when the aff...