Stored XSS Vulnerability in SIDU 6.0 via Unfiltered Database Name Input

Stored XSS Vulnerability in SIDU 6.0 via Unfiltered Database Name Input

CVE-2019-7547 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS.

Learn more about our Web Application Penetration Testing UK.