XSS Vulnerability in Ahsay Cloud Backup Suite Allows Account Takeover

XSS Vulnerability in Ahsay Cloud Backup Suite Allows Account Takeover

CVE-2019-10263 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account.

Learn more about our Cloud Audit.