In Accela Civic Platform up to and including 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
accela civic platform |