6 matches found
CVE-2021-34370
creationtimestamp| type| source ---|---|--- 2021-06-15 01:16:14+00:00| seen| https://t.me/pwnwikizhchannel/648 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-34370.yaml...
Accela Civic Platform 21.1 - (successURL) Cross-Site-Scripting Vulnerability
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting (XSS)
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Accela Civic Platform 21.1 Cross Site Scripting / Open Redirection
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
CVE-2021-34370
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information...
CVE-2021-34370
Accela Civic Platform (versions up to 21.1; and affected earlier up to 20.1 in CVE-2021-34370) contains a Cross-Site Scripting vulnerability via ssoAdapter/logoutAction.do?successURL. The issue allows injection of arbitrary JavaScript in the victim’s browser, with potential data theft, session hi...