XSS Vulnerability in Ahsay Cloud Backup Suite Allows Account Takeover
CVE-2019-10263 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account.
Learn more about our Cloud Audit.