Количество 3
Количество 3
CVE-2024-9699
A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a filename. This can lead to a Cross-Site Scripting (XSS) attack if the uploaded file is accessed by other users. The issue is fixed in version 1.4.dev.
CVE-2024-9699
A vulnerability in the file upload functionality of the FlatPress CMS ...
GHSA-rqhc-x44r-f23j
A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a filename. This can lead to a Cross-Site Scripting (XSS) attack if the uploaded file is accessed by other users. The issue is fixed in version 1.4.dev.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-9699 A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a filename. This can lead to a Cross-Site Scripting (XSS) attack if the uploaded file is accessed by other users. The issue is fixed in version 1.4.dev. | CVSS3: 5.4 | 0% Низкий | 11 месяцев назад |
| CVE-2024-9699 A vulnerability in the file upload functionality of the FlatPress CMS ... | CVSS3: 5.4 | 0% Низкий | 11 месяцев назад |
| GHSA-rqhc-x44r-f23j A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a filename. This can lead to a Cross-Site Scripting (XSS) attack if the uploaded file is accessed by other users. The issue is fixed in version 1.4.dev. | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу