CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19858

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://github.com/SerpicoProject/Serpico/commit/270f05ca6e51c87bb0867abb0511b61bf2aae182
https://websec.nl/news.php
https://github.com/SerpicoProject/Serpico/commit/270f05ca6e51c87bb0867abb0511b61bf2aae182
https://websec.nl/news.php

Products affected by CVE-2019-19858

Serpico Project » Serpico » Version: 1.3.0

cpe:2.3:a:serpico_project:serpico:1.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19858

Products

Pricing

Contact Us