Unauthenticated Reflected Cross Site Scripting (XSS) in Systematic IRIS Standards Management (ISM) v2.1 SP1 89

Unauthenticated Reflected Cross Site Scripting (XSS) in Systematic IRIS Standards Management (ISM) v2.1 SP1 89

CVE-2019-18926 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting (XSS). A user input (related to dialog information) is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the application.

Learn more about our Web App Pen Testing.