2020-06-17 19:21:23
mitre
PUBLISHED
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web pages content, creating a Reflected XSS attack vector.