Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-29T07:00:00
Updated: 2024-08-05T19:42:22.235Z
Reserved: 2017-09-29T00:00:00
Link: CVE-2017-14922
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-09-30T01:29:01.960
Modified: 2024-11-21T03:13:45.940
Link: CVE-2017-14922
Redhat
No data.