6 matches found
CVE-2019-20381
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...
CVE-2019-20381
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...
CVE-2019-20381
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...
Cross site request forgery (csrf)
TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...
CVE-2019-19491
TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...
TestLink Cross-Site Scripting Vulnerability
TestLink is a WEB-based test case management system. A cross-site scripting vulnerability exists in TestLink 1.9.19. The vulnerability can be exploited by an attacker via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in the...