RSS   Vulnerabilities for 'Select2'   RSS

2019-03-27
 
CVE-2016-10744

CWE-79
 

 
In Select2 through 4.0.5, as used in Snipe-IT and other products, rich selectlists allow XSS. This affects use cases with Ajax remote data loading when HTML templates are used to display listbox data.

 


Copyright 2024, cxsecurity.com

 

Back to Top