CVE-2019-18419

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.0500%

EPSS Percentile12.29th

Published2019年10月24日

Last Modified2024年11月21日

Vulnerability Description

A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

Affected Platforms (CPE)

💻

Clonos

= 19.09

References & Advisories

🔗 https://github.com/Andhrimnirr/ClonOS-WEB-control-panel-multi-vulnerability

関連する脆弱性情報

CVE-2019-155719.8

The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php.

CVE-2019-184189.8

clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because ther...

CVE-2019-1151010.0

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated rem...

CVE-2019-186710.0

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypa...