XSS Vulnerability in Knowage through 6.1.1 via start_url or user_id Field in ChangePwdServlet Page

XSS Vulnerability in Knowage through 6.1.1 via start_url or user_id Field in ChangePwdServlet Page

CVE-2019-13189 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

In Knowage through 6.1.1, there is XSS via the start_url or user_id field to the ChangePwdServlet page.

Learn more about our User Device Pen Test.