Описание
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-17176
- https://docs.genesys.com/Documentation/ES
- https://docs.genesys.com/extensions/Repository/cache2/public/eServices/8.1/mm_81advisory.html
- https://gist.github.com/MortalP0ison/2225f19abd173548c884ccc2acb9a398
- https://gist.github.com/MortalP0ison/5fd584b4c85fa13281fdc918913446fa
- https://twitter.com/@Mortal_Poison_
- https://xecure-labs.com
Связанные уязвимости
CVSS3: 6.1
nvd
больше 6 лет назад
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).