← Back to CVE List

CVE-2019-20381

Published: 2020-01-20T06:15Z
Last Modified: 2024-11-21T04:38Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt