RSS   Vulnerabilities for 'UNA'   RSS

2019-08-09
 
CVE-2019-14805

CWE-79
 

 
studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing.

 
 
CVE-2019-14804

CWE-79
 

 
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing.

 


Copyright 2019, cxsecurity.com

 

Back to Top