Critical severity9.0NVD Advisory· Published Jun 5, 2019· Updated Jun 17, 2026
CVE-2019-7671
CVE-2019-7671
Description
Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to scripts are not properly sanitized before being returned to the user, which may allow an attacker to execute arbitrary code in a user’s browser session in context of an affected site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Prima Systems/FlexAirdescription
- Range: <=2.3.38
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/155274/Prima-Access-Control-2.3.35-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- applied-risk.com/labs/advisoriesnvdNot ApplicableThird Party Advisory
- applied-risk.com/resources/ar-2019-007nvdThird Party Advisory
- www.us-cert.gov/ics/advisories/icsa-19-211-02nvdThird Party AdvisoryUS Government Resource
- applied-risk.com/index.php/download_file/view/199/165nvdBroken Link
News mentions
0No linked articles in our index yet.