Name of the Vulnerable Software and Affected Versions eDocLib (affected versions not specified)

Description The issue exists due to inadequate protection of the web page structure in the eDocLib platform for storing and processing corporate data. This allows a remote attacker to execute arbitrary code in the user's browser on the "Рубрика" page by creating a specially crafted title in the "Название" field when creating a rubric.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.