Medium severity5.4NVD Advisory· Published Oct 30, 2019· Updated Jun 17, 2026
CVE-2019-18207
CVE-2019-18207
Description
In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload will be triggered every time a user browses the reports page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Zucchetti/InfoBusiness Web Componentdescription
- Range: <=4.4.1
- Range: <=4.4.1
Patches
Vulnerability mechanics
References
1- blog.hacktivesecurity.com/index.phpnvdThird Party Advisory
News mentions
0No linked articles in our index yet.