CVE-2019-7551
N/A
N/A
Summary
Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this vulnerability would enable performing actions as users, including administrative users. This could enable account creation and deletion as well as deletion of information contained within the app.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.bishopfox.com/news/2019/03/cantemo-portal-version-3-8-4-cross-site-scripting/
- https://www.bishopfox.com/blog/news-category/advisories/
- https://doc.cantemo.com/latest/ReleaseNotes/intro.html#version-3-4-9
- https://blog-posts–cantemo.netlify.com/news/2019/03/cantemo-portal-xss-vulnerabilities/
References
- https://www.bishopfox.com/news/2019/03/cantemo-portal-version-3-8-4-cross-site-scripting/
- https://www.bishopfox.com/blog/news-category/advisories/
- https://doc.cantemo.com/latest/ReleaseNotes/intro.html#version-3-4-9
- https://blog-posts–cantemo.netlify.com/news/2019/03/cantemo-portal-xss-vulnerabilities/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.