7 matches found
EUVD-2019-2042
Malware in sbrugna...
Cross-site Scripting (XSS)
semantic-ui-search is vulnerable to cross-site scripting XSS. The vulnerability exists through the lack of sanitization in several dropdown values in modules/dropdown.js...
CVE-2019-1010307
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...
CVE-2019-1010307
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...
CVE-2019-1010307
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...
Cross site scripting
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...
CVE-2019-1010307
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...