2024-04-22 11:51:25
INCIBE
PUBLISHED
Cross-Site Scripting (XSS) vulnerability in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within all editable parameters within the General and Team ID functionalities, which could result in a session takeover.