mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 17:22:02 +00:00
673 B
673 B
CVE-2019-7541
Description
Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring.
POC
Reference
- http://packetstormsecurity.com/files/151657/Rukovoditel-Project-Management-CRM-2.4.1-Cross-Site-Scripting.html
- https://www.exploit-db.com/exploits/46366/