An issue exists in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
agentejo cockpit 0.10.2 |