SSCHADV2012-018 - SaltOS 3.1 Cross-Site Scripting vulnerability
Advisory:
|
SaltOS 3.1 Cross-Site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2012-018
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on SaltOS 3.1 r4908
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
Vulnerability Description
======================
SaltOS 3.1 is prone to a Cross-Site Scripting vulnerability, because of using PHPExcel 1.7.7 (latest version)