CVE-2019-18207

Posted on by admin

CVE-2019-18207

In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload will be triggered every time a user browses the reports page.

Source: CVE-2019-18207

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다