Описание
Microweber Cross-site Scripting can result in redirection to a malicious site
Microweber versions 1.3.1 and prior are vulnerable to HTML injection that an attacker can use to redirect someone to a malicious site. A patch is available at commit 68f0721571653db865a5fa01c7986642c82e919c and expected to be part of version 1.3.2.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
<= 1.3.1
1.3.2
Связанные уязвимости
CVSS3: 6.1
nvd
почти 3 года назад
Code Injection in GitHub repository microweber/microweber prior to 1.3.2.