Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals allows Stored XSS. This issue affects OKRs & Goals: from 28220 before 28398.
Problem types
CWE-79 Improper neutralization of input during web page generation ('cross-site scripting')
Product status
28220 (custom) before 28398
Credits
Yunus KARA
Sarp Dora YONDEN
Abdurrahman Emre OZKOK
References
siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0524