8 matches found
CVE-2024-25175
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack...
CVE-2024-25175
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack...
CVE-2024-25175
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack...
CVE-2024-25175
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack...
CVE-2024-25175
Kickdler is affected by a Reflected XSS due to HTTP response splitting in versions prior to 1.107.0. The issue arises from improper handling of line breaks that allows an attacker to inject script via crafted input (e.g., kickidler_authentication_token). Impact is XSS with user interaction requir...
CVE-2024-25175
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack...
Kickdler Security Vulnerability
Kickdler is an employee monitoring software from Kickdler Inc. that explores employee computer activity levels to improve productivity and find growth. A security vulnerability exists in versions prior to Kickdler v1.107.0 that stems from the presence of a Reflected Cross-Site Scripting XSS...
PT-2024-20800 · Kickdler · Kickdler
Name of the Vulnerable Software and Affected Versions: Kickdler versions prior to 1.107.0 Description: The issue allows attackers to provide an XSS payload via a HTTP response splitting attack. Recommendations: For versions prior to 1.107.0, update to version 1.107.0 or later to resolve the issue...