← volver
CVE-2019-18207

CVE-2019-18207

EPSS 0.5%
In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload will be triggered every time a user browses the reports page.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=42