Home / exploitsPDF  

Nethserver 7 / 8 Cross Site Scripting

Posted on 21 May 2024

The NethServer module installed as WebTop, produced by Sonicle, is affected by a stored cross site scripting vulnerability due to insufficient input sanitization and output escaping which allows an attacker to store a malicious payload as to execute arbitrary web scripts or HTML. Versions 7 and 8 are affected.