| शीर्षक | Kerio Connect KerioConnect 10.0.6 Cross Site Scripting |
|---|
| विवरण | 1.Stored XSS . Exposed Address: Settings/Email/Signature/EditHtmlSource
2.When a file with a malicious JavaScript code in its name is uploaded to the system, it is displayed again on the page within the input field without being sanitized. This creates the potential for an XSS attack. |
|---|
| स्रोत | ⚠️ https://github.com/0xs1ash/poc/blob/main/xss.md |
|---|
| उपयोगकर्ता | slash0x99 (UID 77812) |
|---|
| सबमिशन | 19/03/2025 01:29 PM (1 वर्ष पहले) |
|---|
| संयम | 30/03/2025 09:48 AM (11 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 302027 [GFI KerioConnect 10.0.6 Signature EditHtmlSource क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 17 |
|---|