4 matches found
CVE-2018-7741
Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created parameter to the /crons URI...
Cross site scripting
Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programScopes description parameter...
Cross site scripting
Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript...
Cross site scripting
Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created parameter to the /crons URI...