2 matches found
CVE-2019-19500
CVE-2019-19500 affects Matrix42 Workspace Management 9.1.2.2765 and earlier. The vulnerability is a stored XSS in unfiltered description parameters of the WEB application (e.g., the comment field of a special software order). Root cause: lack of proper validation of client‑side data by the applic...
CVE-2019-19390
CVE-2019-19390 affects Matrix42 Workspace Management; the vulnerability is a reflected Cross-Site Scripting (XSS) issue in the Search parameter of the Software Catalogue section for versions 9.1.2.2765 and earlier. The root cause is unfiltered parameters accepted by the Search field, leading to m...