CVE-2019-18249 - AskarLabs CVE Database

CVE-2019-18249

Vendor N/A

Product Reliable Controls MACH-ProWebCom/Sys

Weakness CWE-79 · XSS

Published December 24, 2019

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link.

Key dates

02Disclosure timeline

December 24, 2019 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-18249 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2021-43842 Stored XSS via SVG file upload in Wiki.js CVE-2020-9732 Stored XSS in AEM Sites Components CVE-2019-15706 CVE-2024-12641 Chunghwa Telecom TenderDocTransfer - Reflected Cross-site Scripting to RCE CVE-2026-0800 User Submitted Posts – Enable Users to Submit Posts from the Front End <= 20251210 - Unauthenticated Stored Cross-Site Scripting via Custom Field