CVE-2019-19855

Published January 15th, 2020

View on NVD ↗

CVSS v3

4.8

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter.

BuffaloWill/Serpico

SimplE RePort wrIting and COllaboration tool

GitHub

1.11K