CVE-2021-23838 – An issue was discovered in flatCore before 2.0.0 build 139. A reflected XSS vulnerability …

15 January 2021

Vuln ID: CVE-2021-23838

Published: 2021-01-15 07:15:14Z

Description: An issue was discovered in flatCore before 2.0.0 build 139. A reflected XSS vulnerability was identified in the media_filter HTTP request body parameter for the acp interface. The affected parameter accepts malicious client-side script without proper input sanitization. For example, a malicious user can leverage this vulnerability to steal cookies from a victim user and perform a session-hijacking attack, which may then lead to unauthorized access to the site.

Source: NVD.NIST.GOV

Date:

15 January 2021

Categorie(s):

NVD

Tag(s):

NVD

TensorFlow AI models at risk due to Keras API flaw23 April 2024
Hackers infect users of antivirus service that delivered updates over HTTP23 April 2024
Top 5 Cybersecurity Threats That eCommerce Websites Should Watch Out For23 April 2024
Google ad for Facebook redirects to scam23 April 2024
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #38023 April 2024