Artica Proxy before 4.30.000000 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Artica Proxy before 4.28.030418 Community Edition allows Cross Site Scripting exists via the input fields Server Domain Name,Your Email Address,Group Name,MySQL Sever,Database,MySQL Username, Group Name and Task description fields.

Credit:

The information has been provided by Pratiksha Dhone

The original article can be found at:http://artica-proxy.com/telechargements/


Details

An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields.

 

Vulnerable Systems:

Artica Proxy before 4.30.000000

 

CVE Information:

CVE-2020-15051

 

Disclosure Timeline:
Published Date:7/15/2020

Categories: News