All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with access to the web interface is able to hijack sessions or navigate victims outside of SiteOmat, to a malicious server owned by him.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2019-06-03T18:51:37
Updated: 2024-08-05T19:42:22.114Z
Reserved: 2017-09-27T00:00:00
Link: CVE-2017-14850

No data.

Status : Modified
Published: 2019-06-03T19:29:00.297
Modified: 2024-11-21T03:13:37.720
Link: CVE-2017-14850

No data.