A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1177 | Exploit Technical Description Third Party Advisory |
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1177 | Exploit Technical Description Third Party Advisory |
Configurations
History
21 Nov 2024, 05:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://talosintelligence.com/vulnerability_reports/TALOS-2020-1177 - Exploit, Technical Description, Third Party Advisory |
Information
Published : 2021-02-01 16:15
Updated : 2024-11-21 05:01
NVD link : CVE-2020-13562
Mitre link : CVE-2020-13562
CVE.ORG link : CVE-2020-13562
JSON object : View
Products Affected
open-emr
- openemr
phpgacl_project
- phpgacl