Description
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2049)
MySQL CVE-2013-1532 Vulnerability (CVE-2013-1532)
PHP 5.3.9 remote code execution
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1576)