A reflected cross site scripting vulnerability was found in synnefoclient for Synnefo IMS 2015. The vulnerability has been discovered in the plan_name parameter on the request to fetch the package details for the logged in user. Request method is GET.
1aa548f792cd26dae870dc249c5997d19468b01ddea5005e482ca88a5e16bec8
TestLink version 1.9.14 suffers from a cross site request forgery vulnerability.
39f7ec2dfdf407f0782e906eebab9e38be681ca13f49a2d95361090f5468631a
TestLink version 1.9.14 suffers from a persistent cross site scripting vulnerability.
b46be8c0b8fb93b229267719e4d51695ead81f8d924cf7b2a0540380b2ef4098