An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-02-06
An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php page has a reflected Cross-site Scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-02-06