Submit #266282: factominer FactoInvestigate 1.9 and earlier XSSinfo

Titelfactominer FactoInvestigate 1.9 and earlier XSS
Beschreibungthe package is vulnerable to XSS, if a user analyzes a malicious dataset containing an XSS payload, the javascript code will be executed when the HTML report is generated and opened. Attackers can use that to redirect users to malicious websites acting as analysis reports.
Quelle⚠️ https://drive.google.com/drive/folders/1ZFjWlD5axvhWp--I7tuiZ9uOpSBmU_f6?usp=drive_link
Benutzer
 letmewin (UID 61323)
Einreichung11.01.2024 16:10 (vor 2 Jahren)
Moderieren19.01.2024 10:35 (8 days later)
StatusAkzeptiert
VulDB Eintrag251544 [FactoMineR FactoInvestigate bis 1.9 HTML Report Generator HTML injection]
Punkte17

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!