Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-09-29T07:00:00

Updated: 2024-08-05T19:42:22.235Z

Reserved: 2017-09-29T00:00:00

Link: CVE-2017-14922

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-09-30T01:29:01.960

Modified: 2024-11-21T03:13:45.940

Link: CVE-2017-14922

cve-icon Redhat

No data.