First published: Sun Oct 06 2019(Updated: )
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Subrion 4.2.1 is CVE-2019-17225.
CVE-2019-17225 has a severity rating of medium (5.4).
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, also known as an "Admin Member JSON Update" issue.
You can check if your Subrion installation is affected by CVE-2019-17225 by verifying that your version is 4.2.1.
Currently, there are no known fixes for CVE-2019-17225. It is recommended to update to the latest version of Subrion when a fix becomes available.