PT-2019-14024 · Flightpath · Flightpath
Published
2019-08-20
·
Updated
2019-08-28
·
CVE-2019-15227
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
FlightPath version 4.8.3
Description
The issue affects the Content, Edit urgent message, and Users sections of the Admin Console, where an XSS attack could occur, potentially leading to cookie stealing and other malicious actions.
Recommendations
For FlightPath version 4.8.3, update to a newer version that contains a fix for this issue to prevent XSS attacks in the Admin Console sections.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flightpath