CVE-2019-10904

Publication date

2019-04-06 19:40:05

Family

mitre

State

PUBLISHED

Description

Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.