Exploit for Cross-site Scripting in Totvs Fluig

FLUIG-Vulnerabilidade-CVE-2023-6275 Nov 24, 2023 — A vulnerabi...

CVE-2023-6275

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input "...

CVE-2023-6275

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...

CVE-2023-6275

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...

Cross site scripting

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...

CVE-2023-6275 TOTVS Fluig Platform mobileredir openApp.jsp cross site scripting

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...

CVE-2023-6275

TOTVS Fluig Platform (versions 1.6.x–1.8.1) is affected by a Cross-Site Scripting in the mobileredir/openApp.jsp component. The vulnerability arises from manipulating the redirectUrl/user parameters, e.g. redirectUrl/user with payloads like >, enabling reflected XSS. The issue may be exploited...

PT-2023-32588 · Totvs · Totvs Fluig Platform

Name of the Vulnerable Software and Affected Versions: TOTVS Fluig Platform versions 1.6.x through 1.8.1 Description: A problematic issue was found in the TOTVS Fluig Platform, affecting some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation...

TOTVS Fluig Platform Directory Traversal (CVE-2020-29134)

A directory traversal vulnerability exists in TOTVS Fluig Platform. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

Path traversal

The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...

CVE-2020-29134

The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4...

CVE-2020-29134

The TOTVS Fluig platform allows path traversal through the parameter “file = .. /” encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4 Recent assessments: lucxssouza at March 24, 2021 6:54pm UTC reported: Assessed Attacker Value: 5 Assessed Attacker Value:...