PT-2019-19999 · Ids · Ids-Enterprise
Published
2019-06-13
·
Updated
2019-06-13
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
ids-enterprise versions prior to 4.18.2
Description
The issue affects the
soho-dropdown component, which does not properly encode its output. This may allow attackers to execute arbitrary JavaScript, resulting in a Cross-Site Scripting (XSS) issue.Recommendations
Upgrade to version 4.18.2 or later
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ids-Enterprise