Cross-Site Scripting (XSS) Vulnerability in Roundup 1.6 via URI
CVE-2019-10904 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.
Learn more about our Web Application Penetration Testing UK.