Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2019-7551

Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this vulnerability would enable performing actions as users, including administrative users. This could enable account creation and deletion as well as deletion of information contained within the app.

  • Published: Apr 10, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-7551
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9
  • AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6
  • AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
cantemo / portal 3.4.0 3.4.9
cantemo / portal 3.3.0 3.3.8
cantemo / portal - 3.2.13