Cross-Site Scripting Vulnerabilities in Agentejo Cockpit by Agentejo
CVE-2018-15538

6.1MEDIUM

Key Information:

Vendor: Agentejo
Status: Cockpit
Vendor: CVE Published:; 15 October 2018

What is CVE-2018-15538?

Agentejo Cockpit is susceptible to multiple Cross-Site Scripting vulnerabilities which could allow attackers to inject malicious scripts into web pages viewed by other users. This could potentially lead to unauthorized actions or the exposure of sensitive information. Timely mitigation is essential to safeguard the integrity and security of the application and its users.

References

http://seclists.org/fulldisclosure/2018/Oct/30

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2018
Vulnerability Reserved
Aug 19, 2018

CVE-2018-15538 Data

JSON