2020-12-23 17:20:03
mitre
PUBLISHED
CRK Business Platform <= 2019.1 allows reflected XSS via erro.aspx on CRK, IDContratante, Erro, or Mod parameter. This is path-independent.