Published: 19/10/2020 Updated: 28/10/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for conversations/all, conversations/inbox, conversations/unassigned, and conversations/closed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
blinger blinger 1.0.2519

CVE-2019-13633 [Suggested description]: Blingerio v102519 is vulnerable to Blind/Persistent XSS [Additional Information]: Blingerio - is a platform which used by global clients such as FxPro, Alfa Bank, OneTwoTrip, Ivi, KupiVIP Group, Belavia, Wargaming, Yandex, OZON, TCS Group Holding and others Performing this attack allow criminals gather critical information about c

CWE-79 https://blinger.io/https://github.com/Security-AVS/CVE-2019-13633 https://nvd.nist.gov https://github.com/Aleksander-Semenenko/CVE-2019-13633

CVE-2019-13633

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect