The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a Reflected Cross Site Scripting (XSS) vulnerability via the query string.
6.1CVSS
6AI Score
0.002EPSS
5.4CVSS
5.3AI Score
0.001EPSS
7.5CVSS
7.6AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.002EPSS
webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/add_announcement.php, administration/departments.php, administration/locations.php, expenses/claim_type.php, projects/editproject.php, and general/newnotifications.php.
6.1CVSS
6AI Score
0.001EPSS