Описание
Cross-site scripting in application/controllers/dropbox.php in JustWriting
Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.
Пакеты
Наименование
hjue/justwriting
composer
Затронутые версииВерсия исправления
<= 1.0.0
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 4 лет назад
Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.