← back
CVE-2021-32106

CVE-2021-32106

EPSS 0.9%
In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. As a result, arbitrary Javascript code can get executed.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/icecoder/ICEcoderhttps://groups.google.com/g/icecoder/c/xcAc8_1UPxQhttps://prophaze.com/cve/icecoder-8-0-multipe-results-php-replace-cross-site-scripting/