Unrated severityNVD Advisory· Published Jun 17, 2020· Updated Aug 4, 2024
CVE-2020-14408
CVE-2020-14408
Description
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.
Affected products
2- Agentejo/Cockpitdescription
Patches
Vulnerability mechanics
References
1- github.com/agentejo/cockpit/issues/1310mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.