3 matches found
Ellevo Cross-Site Scripting Vulnerability
Ellevo is an enterprise process-oriented software from Ellevo. A cross-site scripting vulnerability exists in Ellevo version 6.2.0.38160, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web...
Ellevo 安全漏洞
Ellevo is an enterprise process-oriented software from Ellevo. A cross-site scripting vulnerability exists in Ellevo version 6.2.0.38160, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web...
PT-2024-30129 · Ellevo · Ellevo
Name of the Vulnerable Software and Affected Versions: Ellevo version 6.2.0.38160 Description: An issue in Ellevo allows a remote attacker to escalate privileges via the "/api/usuario/cadastrodesuplente" endpoint. This could lead to unauthorized access. Recommendations: For Ellevo version...