CVE-2017-16950 - Reflected XSS Urbackup Server < 2.1.20

Cross - site scripting (XSS) vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML on action parameter.

http://vulnerable.com/x?a="<script>alert("XSS")</script>

Discovered by : Mickael BROUTY - FIDENS

Mitre CVE-2017-16950