Posted by RedTeam Pentesting GmbH on Oct 13

Advisory: Cross-Site Scripting in myfactory.FMS

During a penetration test, a reflected cross-site scripting
vulnerability (XSS) was found in the myfactory.FMS login form. If a user
opens an attacker-prepared link to the application, attackers can run
arbitrary JavaScript code in the user’s browser.

Details
=======

Product: myfactory.FMS
Affected Versions: <= 7.1-911
Fixed Versions: 7.1-912 and later
Vulnerability Type: Cross-Site…
Read More – Full Disclosure


By |2021-10-13T11:18:54-04:00October 13th, 2021|