CVE-2017-16950
CVE-2017-16950 is an XSS in UrBackup Server prior to 2.1.20. The web UI fails to properly sanitize the action parameter, allowing a remote attacker to inject arbitrary web script or HTML via that parameter. Affected product: UrBackup Server (before 2.1.20); root cause: insufficient input sanitiza...