Cross-Site Scripting (XSS) Vulnerability in Rukovoditel 2.4.1

Cross-Site Scripting (XSS) Vulnerability in Rukovoditel 2.4.1

CVE-2019-7541 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring.

Learn more about our User Device Pen Test.