vendor:
ReqWebHelp
by:
John Doe
4.3
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: ReqWebHelp
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020
Cross-Site Scripting (XSS) in ReqWebHelp
Cross-Site Scripting (XSS) vulnerability in ReqWebHelp allows remote attackers to inject arbitrary web script or HTML via the operation parameter in workingSet.jsp, the searchWord parameter in searchView.jsp, the maxHits parameter in searchView.jsp, the scopedSearch parameter in searchView.jsp, and the scope parameter in searchView.jsp.
Mitigation:
Input validation should be used to prevent Cross-Site Scripting (XSS) attacks.