7 matches found
EUVD-2017-2809
Malware in sbrugna...
J2 Innovations FIN Stack Cross-Site Scripting Vulnerability
J2 Innovations FIN Stack is a framework for OEM development. A cross-site scripting vulnerability exists in the authentication webform in J2 Innovations FIN Stack version 4.0. A remote attacker can exploit this vulnerability by sending a query string to /auth/ariosa/login to inject arbitrary web...
CVE-2017-11175
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...
CVE-2017-11175
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...
Authentication flaw
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...
CVE-2017-11175
CVE-2017-11175 affects J2 Innovations FIN Stack 4.0. The vulnerability is a reflected XSS in the authentication webform, exploitable via a crafted query string to /login (or /auth/ariosa/login per related CNVD entry). The root cause is input reflected back to the user without proper sanitization,...
CVE-2017-11175
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...