Security Advisory

CVE-2019-13948

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-18 15:56:39

Last updated 2024-08-05 00:05:44

Assigner mitre

State PUBLISHED

Description

SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of the onerror attribute of an IMG element.

← Browse all CVEs View on cve.org ↗