CVE-2019-11776
CVE-2019-11776
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.9%KEV nãoPoC —Patch —
Lifecycle
Aug 09, 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.
Affected products
The Eclipse Foundation · Eclipse BIRTWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →