Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2018-8900

Description

The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability.

POC

Reference

- https://drive.google.com/file/d/18BaBzGcjWAfJyZ_phWEVerYmmLB-vxF-/view?usp=sharing

Github

No PoCs found on GitHub currently.