Cross-Site Scripting (XSS) Vulnerability in Ericsson Active Library Explorer (ALEX) 14.3

Cross-Site Scripting (XSS) Vulnerability in Ericsson Active Library Explorer (ALEX) 14.3

CVE-2019-7417 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.

Learn more about our Web Application Penetration Testing UK.