RSS   Vulnerabilities for 'Olimpok'   RSS

2020-10-16
 
CVE-2020-16270

CWE-79
 

 
OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim�??s browsers in context of vulnerable applications. Executed code can be used to steal administrator�??s cookies, influence HTML content of targeted application and perform phishing-related attacks. Vulnerable application used in more than 3000 organizations in different sectors from retail to industries.

 


Copyright 2024, cxsecurity.com

 

Back to Top