CVE-2014-100036

CVE-2014-100036

EPSS 1.9%

Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter to the default URI.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/57808 https://exchange.xforce.ibmcloud.com/vulnerabilities/92538 https://github.com/evacchi/flatpress/issues/14 https://www.netsparker.com/critical-xss-vulnerabilities-in-flatpress/