CVE-2021-38709

CVE-2021-38709

EPSS 0.6%

In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://compo.sr/news/view/announcements/two-new-xss-security.htm