CVE-2019-7551
CVE-2019-7551
Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this vulnerability would enable performing actions as users, including administrative users. This could enable account creation and deletion as well as deletion of information contained within the app.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://blog-posts--cantemo.netlify.com/news/2019/03/cantemo-portal-xss-vulnerabilities/https://doc.cantemo.com/latest/ReleaseNotes/intro.html#version-3-4-9https://www.bishopfox.com/blog/news-category/advisories/https://www.bishopfox.com/news/2019/03/cantemo-portal-version-3-8-4-cross-site-scripting/