CVE-2019-11776

Summary

In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.

Affected Software

VendorProductVersion RangeStatus
The Eclipse FoundationEclipse BIRT1.0 to 4.7affected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation

ADP Enrichment

CVE Program Container

Additional References

References