patrickdeanramos/oVirt-4.3-Reflected-Cross-Site-Scripting

oVirt-engine Open Virtualization Manager version 4.3 login page is vulnerable to reflected Cross-site scripting (XSS). The parameter "scope" fails to sanitize the entry, allowing the malicious script to execute as part of the GET request.

Stargazers

No one’s star this repository yet.