Описание
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules.
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-36978
- https://froxlor.org
- https://froxlor.org/download
- https://www.exploit-db.com/exploits/49063
- https://www.vulncheck.com/advisories/froxlor-froxlor-server-management-panel-persistent-cross-site-scripting
- https://www.vulnerability-lab.com/get_content.php?id=2241
- https://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.
- https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab
Связанные уязвимости
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules.