Security Advisory

CVE-2019-20381

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-20 05:21:28

Last updated 2024-08-05 02:39:09

Assigner mitre

State PUBLISHED

Description

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.

← Browse all CVEs View on cve.org ↗