4 matches found
CVE-2020-26563
ObjectPlanet Opinio before 7.14 allows reflected XSS via the survey/admin/surveyAdmin.do?action=viewSurveyAdmin query string. There is also stored XSS if input to survey/admin/.do is accepted from untrusted users...
CVE-2020-26563
ObjectPlanet Opinio before 7.14 allows reflected XSS via the survey/admin/surveyAdmin.do?action=viewSurveyAdmin query string. There is also stored XSS if input to survey/admin/.do is accepted from untrusted users...
CVE-2020-26563
ObjectPlanet Opinio before 7.14 is vulnerable to reflected XSS via the survey/admin/surveyAdmin.do?action=viewSurveyAdmin query string, with stored XSS if inputs to survey/admin/*.do come from untrusted users. Affected versions are prior to 7.14; a fix/patch was provided by ObjectPlanet (referenc...
ObjectPlanet Opinio 7.12 Cross Site Scripting
Exploit Title: ObjectPlanet Opinio 7.12 allows Cross-Site Scripting Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Ang Kar Min https://www.linkedin.com/in/karmin-ang CVE: CVE-2020-26563 Timeline - September 2019: Initial...