4 matches found
CVE-2022-42989
ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting XSS vulnerability via the component Caixa de Entrada...
CVE-2022-42989
ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting XSS vulnerability via the component Caixa de Entrada...
CVE-2022-42989
ERP Sankhya before v4.11b81 is affected by CVE-2022-42989, a cross-site scripting (XSS) in the Caixa de Entrada component. The vulnerability allows injection of HTML/JavaScript via the Caixa de Entrada messaging feature, enabling potential account takeover and exposure of sensitive data. The CVSS...
ERP Sankhya 4.13.x Cross Site Scripting
Exploit Title: ERP Sankhya - XSS to Account Takeover Google Dork: N/A Date: 19/10/2022 Exploit Author: Lucas Alves Da Cunha - 0xLucas Vendor Homepage: https://www.sankhya.com.br Version: Sankhya Om Payload utilizado para capturar os dados da sessão do usuário: Passos para reprodução: 1 -...