CVSS: 6.1EPSS: 65%CPEs: 1EXPL: 4CVE-2021-26723 – Jenzabar 9.2.2 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-26723
06 Feb 2021 — Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS. Jenzabar versiones 9.2.x hasta 9.2.2, permite un ataque de tipo XSS de /ics?tool=search&query= Jenzabar version 9.2.2 suffers from a cross site scripting vulnerability. • https://packetstorm.news/files/id/161303 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16778
https://notcve.org/view.php?id=CVE-2018-16778
21 Dec 2018 — Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field). Una vulnerabilidad Cross-Site Scripting (XSS) en Jenzabar, desde la versión v8.2.1 hasta la 9.2.0, permite que atacantes remotos inyecten scripts web o HTML mediante el parámetro query (también conocido como campo de búsqueda). • https://metamorfosec.com/Files/Advisories/METS-2018-004-A_XSS_Vulnerability_in_Jenzabar_8.2.1_to_9.2.0.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •