We found results for “”
WS-2017-3788
Good to know:
Date: February 8, 2017
In TEAMMATES feedback management tool, versions V4.98 through V5.94 are vulnerable to Cross Site Scripting (XSS), due to user input not sanitized in the admin home page.
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Cross-Site Scripting (XSS)
CWE-79Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | HIGH |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |