An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-26T20:44:23

Updated: 2024-08-04T22:17:19.719Z

Reserved: 2019-03-28T00:00:00

Link: CVE-2019-10263

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-26T21:15:11.390

Modified: 2024-11-21T04:18:46.260

Link: CVE-2019-10263

cve-icon Redhat

No data.