Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition prior to 18.3.0-61806.763 allows an unauthenticated remote malicious user to inject arbitrary javascript via the onerror parameter in the /__r2/query endpoints.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
labkey labkey server |