Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via ConnPoolName Parameter

Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via ConnPoolName Parameter

CVE-2018-19649 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter.

Learn more about our Web Application Penetration Testing UK.