2 matches found
CVE-2020-21731
Gazie 7.29 is affected by: Cross Site Scripting XSS via http://192.168.100.7/gazie/modules/config/adminutente.php?username=amministratore&Update.; An attacker can inject JavaScript code, and the webapplication stores the injected code...
CVE-2020-21731
Gazie 7.29 is affected by a stored Cross-Site Scripting (XSS) vulnerability. The issue occurs in the web app via the admin_utente.php?user_name=amministratore&Update parameter, where injected JavaScript code can be stored and later executed by users. This is a general XSS flaw described across mu...