Medium severity5.4OSV Advisory· Published Sep 19, 2018· Updated Jun 17, 2026
CVE-2018-16607
CVE-2018-16607
Description
Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field.
Affected products
2- Range: Open-AudIT_1.12, Open-AudIT_1.12.2, Open-AudIT_1.12.2_1, …
- Range: =2.2.7
Patches
Vulnerability mechanics
References
1- docs.google.com/document/d/1MKeb9lly_oOrVG0Ja4A-HgwaeXhb_xQHT9IIOee3wi0/editnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.