Stored XSS Vulnerability in VFront 0.99.5 via admin/sync_reg_tab.php azzera parameter

Stored XSS Vulnerability in VFront 0.99.5 via admin/sync_reg_tab.php azzera parameter

CVE-2019-9838 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

VFront 0.99.5 has stored XSS via the admin/sync_reg_tab.php azzera parameter, which is mishandled during admin/error_log.php rendering.

Learn more about our Web Application Penetration Testing UK.