CVE-2019-7551
CVE-2019-7551
Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this vulnerability would enable performing actions as users, including administrative users. This could enable account creation and deletion as well as deletion of information contained within the app.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://blog-posts--cantemo.netlify.com/news/2019/03/cantemo-portal-xss-vulnerabilities/https://doc.cantemo.com/latest/ReleaseNotes/intro.html#version-3-4-9https://www.bishopfox.com/blog/news-category/advisories/https://www.bishopfox.com/news/2019/03/cantemo-portal-version-3-8-4-cross-site-scripting/