### Description

NethServer suffers from an authenticated stored XSS vulnerability. Input passed to the 'BackupConfig[Upload][Description]' POST parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

### Vendor

NethServer.org - https://www.nethserver.org

### Affected Version

7.3.1611-u1-x86_64

### Tested On

Kernel 3.10.0.-514.el7.x86_64 on an x86_64 CentOS Linux 7.3.1611 (Core)