Timesheet XSS Vulnerability CVE-2019-1010287 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

Timesheet XSS Vulnerability CVE-2019-1010287 Scanner Detail

Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS).

The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.

Some Advice for Common Problems

Update your Timesheet application, to the latest version to eliminate this vulnerability.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service