We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Escaping part of URL and redirecting to /login page.
When clicking on a specially crafted URL, JavaScript Code gets executed.
https://SERVER-IP/%0a%0a%3Cscript%3Ealert('Vulnerable');%3C/script%3Ewebsite.jsp
gsa: 8.0.0
gvm: 8.0.0
openvas-scanner: 6.0.0
gvm-libs:
Operating system:
found with nikto v2.1.6
verified with Firefox Quantum 68.0.2esr (64-Bit)
Installation method / source: (packages, source installation)
The text was updated successfully, but these errors were encountered:
Thanks a lot for your report! 👍 It should be fixed with my PR.
Sorry, something went wrong.
2ff91fd
It seems CVE-2019-25047 has been assigned to this recently.
bjoernricks
No branches or pull requests
Expected behavior
Escaping part of URL and redirecting to /login page.
Actual behavior
When clicking on a specially crafted URL, JavaScript Code gets executed.
Steps to reproduce
https://SERVER-IP/%0a%0a%3Cscript%3Ealert('Vulnerable');%3C/script%3Ewebsite.jsp
GVM versions
gsa: 8.0.0
gvm: 8.0.0
openvas-scanner: 6.0.0
gvm-libs:
Environment
Operating system:
found with nikto v2.1.6
verified with Firefox Quantum 68.0.2esr (64-Bit)
Installation method / source: (packages, source installation)
Logfiles
The text was updated successfully, but these errors were encountered: