Search found 12 matches
- 20 Dec 2020, 00:15
- Forum: Bug Report version 2.7
- Topic: Rukovoditel 2.7.2 Clickjacking Vulnerability
- Replies: 3
- Views: 2009
Rukovoditel 2.7.2 Clickjacking Vulnerability
1. Description: ---------------------- Rukovoditel 2.7.2 Clickjacking Vulnerability 2. To Reproduce: ---------------------- - Login with user account into the panel. - Go to "Projects", click to you "Projects" - Select "Add Ticket", choose "iFrame" and add mal...
- 19 Dec 2020, 13:11
- Forum: Bug Report version 2.7
- Topic: Cross Site Scripting Vulnerability on "Name" via "Application Entities" feature in Rukovoditel v2.7.2
- Replies: 0
- Views: 1761
Cross Site Scripting Vulnerability on "Name" via "Application Entities" feature in Rukovoditel v2.7.2
Cross Site Scripting Vulnerability on "Name" via "Application Entities" feature in Rukovoditel v2.7.2 **Describe the bug An authenticated malicious user can take advantage of a Stored XSS vulnerability on "Name" via "Application Entities" feature in Rukovodite...