ClonOS WEB Control Panel 19.09 - Cross-Site Scripting (XSS) Vulnerability in index.php

CVE-2019-18419 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

Learn more about our Web App Pen Testing.