Cross-Site Scripting Vulnerability in Reprise License Manager's License Editor

Cross-Site Scripting Vulnerability in Reprise License Manager's License Editor

CVE-2018-15574 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability.

Learn more about our Web Application Penetration Testing UK.