CVE-2019-16307: XSS
First published: Sat Sep 14 2019(Updated: )
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKey parameter (deleteWebExMeetingCheck.jsp).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox DocuShare | <=7.0.0.c1.609 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-16307?
The severity of CVE-2019-16307 is medium, with a CVSS score of 6.1.
What is CVE-2019-16307?
CVE-2019-16307 is a Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in Fuji Xerox DocuShare through version 7.0.0.C1.609.
Which software is affected by CVE-2019-16307?
Fujixerox Docushare version 7.0.0.C1.609 is affected by CVE-2019-16307.
How can remote attackers exploit CVE-2019-16307?
Remote attackers can exploit CVE-2019-16307 by injecting arbitrary web script or HTML via the 'handle' parameter in webExMeetingLogin.jsp and meetingKe.
Is there a fix available for CVE-2019-16307?
Currently, there is no known fix available for CVE-2019-16307. It is recommended to monitor the vendor's website for updates.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/fujixerox
- canonical/xerox docushare
- version/xerox docushare/7.0.0.c1.609