PT-2020-14099 · Webtareas · Webtareas
Published
2020-06-22
·
Updated
2020-06-25
·
CVE-2020-14973
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
webTareas version 2.0p8
Description
The issue concerns a Reflected Cross Site Scripting (XSS) vulnerability. This occurs via the query string in the loginForm within the general/login.php webpage.
Recommendations
For webTareas version 2.0p8, consider validating and sanitizing user input in the query string to prevent XSS attacks. As a temporary workaround, restrict access to the general/login.php webpage until a patch is available.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Webtareas