← volver
CVE-2022-0385

Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS

EPSS 1.4%CWE-79
The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting
Productos afectados
Unknown · Crazy Bone

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/60067b8b-9fa5-40d1-817a-929779947891