PT-2024-33186 · Unknown · Collabtive

Name of the Vulnerable Software and Affected Versions: Collabtive version 3.1 Description: The issue is related to Cross-site scripting XSS via the title parameter with action=add or action=editform within the managemessage.php file and managetask.php file respectively. This allows for potential...

Cross site scripting

Cross-site scripting XSS vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an editform action, related to admin.php...