RSS   Vulnerabilities for 'Elkarbackup'   RSS

2021-11-02
 
CVE-2020-35249

CWE-79
 
 
Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature.

 
2020-09-15
 
CVE-2020-24924

CWE-79
 
 
A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies >> action >> Name Parameter

 

Copyright 2024, cxsecurity.com

 

Back to Top