Vulnerability Description
Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting (XSS). The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/her account. The fixed version is: 3.0.16.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Genetechsolutions | Pie Register | 3.0.15 |
Related Weaknesses (CWE)
References
- https://0day.today/exploit/31255Third Party Advisory
- https://packetstormsecurity.com/files/149665/wppieregister3015-xss.txtThird Party AdvisoryVDB Entry
- https://seclists.org/bugtraq/2018/Oct/16Mailing ListThird Party Advisory
- https://0day.today/exploit/31255Third Party Advisory
- https://packetstormsecurity.com/files/149665/wppieregister3015-xss.txtThird Party AdvisoryVDB Entry
- https://seclists.org/bugtraq/2018/Oct/16Mailing ListThird Party Advisory
FAQ
What is CVE-2019-1010207?
CVE-2019-1010207 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting (XSS). The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and sup...
How severe is CVE-2019-1010207?
CVE-2019-1010207 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1010207?
Check the references section above for vendor advisories and patch information. Affected products include: Genetechsolutions Pie Register.