CVE-2019-10846

Sažetak

Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.

Reference

http://packetstormsecurity.com/files/155257/Computrols-CBAS-Web-19.0.0-Cross-Site-Scripting.html
https://applied-risk.com/index.php/download_file/view/196/165
https://applied-risk.com/labs/advisories

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

13-07-2020 - 17:56

Objavljeno

23-05-2019 - 20:29