CVE-2022-50952
Banco Guayaquil 8.0.0 Mobile iOS Cross-Site Scripting via Profile Name Input
Banco Guayaquil 8.0.0 mobile iOS application contains a persistent cross-site scripting vulnerability in the TextBox Name Profile input. Attackers can inject malicious script code through a POST request that executes on application review without user interaction.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
Banco de Guayaquil · Banco Guayaquil¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →