SOWA.OPAC Reflected Cross Site Scripting

Posted by hacker on Nov 18

# Title: SOWA.OPAC Reflected Cross Site Scripting
# Vulnerability
Type: Cross Site Scripting (XSS)
# Attack Type: Account Hijacking,
Credential Theft, Data Leakage
# Author: Marek Holka
# Date:
2020-11-08
# Vendor: SOKRATES-software
# Software Link:
https://www.demo.sowwwa.pl/sowacgi.php
# Version: SOWA.OPAC all versions
up to 5.6.2
# CVE: CVE-2020-28350
# Description: A Cross Site Scripting
(XSS) vulnerability exists in Sokrates SOWA
SowaSQL…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source