CVE-2019-12299

CVE-2019-12299

EPSS 0.9%

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2019/Nov/8 https://medium.com/insidersec0x42/centraleyezer-stored-xss-using-html-entities-cve-2019-12299-5c295ae54ef