SOWA.OPAC Reflected Cross Site Scripting
Posted by hacker on Nov 18
# Title: SOWA.OPAC Reflected Cross Site Scripting
# Vulnerability
Type: Cross Site Scripting (XSS)
# Attack Type: Account Hijacking,
Credential Theft, Data Leakage
# Author: Marek Holka
# Date:
2020-11-08
# Vendor: SOKRATES-software
# Software Link:
https://www.demo.sowwwa.pl/sowacgi.php
# Version: SOWA.OPAC all versions
up to 5.6.2
# CVE: CVE-2020-28350
# Description: A Cross Site Scripting
(XSS) vulnerability exists in Sokrates SOWA
SowaSQL…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
