PT-2019-13859 · Prise+1 · Prise Adas+1
Published
2019-09-20
·
Updated
2019-09-23
·
CVE-2019-14911
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PRiSE adAS version 1.7.0
Description
An issue was discovered where the OPENSSO module does not properly escape output on error, leading to reflected XSS.
Recommendations
For PRiSE adAS version 1.7.0, consider disabling the OPENSSO module until a patch is available to prevent reflected XSS attacks.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opensso
Prise Adas