appRain Quick Start Edition Core Edition Multiple Persistence Cross-Site Scripting Vulnerabilities.

  • Post author:
  • Reading time:1 mins read

SecPod Research Team member (Antu Sanadi) has found multiple persistence cross-site scripting vulnerabilities in appRain Quick Start Edition Core Edition. The vulnerability is caused by improper validation of various parameters. This may allow an attacker to steal cookie-based authentications or inject arbitrary HTML code and launch further attacks.

More information can be found here.