CVE-2019-12932

A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly escaping the search result in the autocomplete search form placed in the header of out/out.Viewfolder.php.
References
Link Resource
https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOG Release Notes Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:seeddms:seeddms:5.1.11:*:*:*:*:*:*:*

Information

Published : 2019-06-28 11:15

Updated : 2019-07-03 10:09


NVD link : CVE-2019-12932

Mitre link : CVE-2019-12932


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

seeddms

  • seeddms