Unrated severityNVD Advisory· Published Feb 26, 2020· Updated Aug 5, 2024

CVE-2019-19990

Description

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Multiple Stored Cross-site scripting (XSS) vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML via the web pages /monitor/s_headmodel.php and /vam/vam_user.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Selesta/Visual Access Managerdescription
Seling/Selesta Visual Access Managerllm-create
Range: 4.15.0 through 4.29

Patches

Vulnerability mechanics

References

www.seling.itmitrex_refsource_MISC
www.seling.it/product/vam/mitrex_refsource_MISC
www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000