CVE-2019-13977
23Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 1.5%
from disclosure to weapon6 days
Published on NVDJul 19
1st PoC+6d
exploitation probability
1.5%top 29% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/153737/Ovidentia-8.4.3-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47159unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.