← voltar
CVE-2019-20381

CVE-2019-20381

EPSS 0.9%
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://mantis.testlink.org/view.php?id=8808https://github.com/TestLinkOpenSourceTRMS/testlink-code/commit/cde692895e425731e6951d265a01ca6425a7c26ehttps://github.com/TestLinkOpenSourceTRMS/testlink-code/compare/1.9.19...1.9.20