Vulnerabilities

CVE-2017-9331

by Fred · 01/06/2017

The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Utils/RecordBrowser/RecordBrowserCommon_0.php, which allows remote attackers to inject arbitrary web script or HTML via a crafted meeting description parameter.

Date published : 2017-06-01

https://github.com/Telaxus/EPESI/commit/dda3e5f3843e80fe9ed36115f4fe72c06a3a41bc

https://github.com/Telaxus/EPESI/issues/193

Similar

Tags: Cybersecurity Alert