CVE-2019-18574

CVE-2019-18574

RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser.

Source: CVE-2019-18574

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다