Reflected XSS Vulnerability in Eclipse BIRT Report Viewer

Reflected XSS Vulnerability in Eclipse BIRT Report Viewer

CVE-2019-11776 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.

Learn more about our Web Application Penetration Testing UK.