Cross-Site Scripting (XSS) Vulnerability in Roundup 1.6 via URI

Cross-Site Scripting (XSS) Vulnerability in Roundup 1.6 via URI

CVE-2019-10904 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.

Learn more about our Web Application Penetration Testing UK.