Описание
PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters to execute client-side attacks and potentially hijack user sessions.
PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters to execute client-side attacks and potentially hijack user sessions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-47912
- https://www.phpsugar.com/blog/2021/09/php-melody-3-0-vulnerability-report-fix
- https://www.phpsugar.com/phpmelody.html
- https://www.vulncheck.com/advisories/php-melody-non-persistent-cross-site-scripting-via-multiple-parameters
- https://www.vulnerability-lab.com/get_content.php?id=2290
Связанные уязвимости
PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters to execute client-side attacks and potentially hijack user sessions.