Re: [FD] SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet

2018-05-15 Thread SEC Consult Vulnerability Lab
The following CVE numbers have been assigned now: XSS issue: CVE-2018-11090 Arbitrary File Upload: CVE-2018-11091 On 2018-05-14 13:25, SEC Consult Vulnerability Lab wrote: > SEC Consult Vulnerability Lab Security Advisory < 20180514-0 > >

[FD] SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet

2018-05-14 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20180514-0 > === title: Arbitrary File Upload & Cross-site scripting product: MyBiz MyProcureNet vulnerable version: 5.0.0 fixed version: unknown