CVE-2021-40238 – A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel in Webuzo < 2.9.0 …

15 September 2021

Vuln ID: CVE-2021-40238

Published: 2021-09-15 17:15:10Z

Description: A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel in Webuzo < 2.9.0 via an HTTP request to a non-existent page, which is activated by administrators viewing the "Error Log" page. An attacker can leverage this to achieve Unauthenticated Remote Code Execution via the "Cron Jobs" functionality of Webuzo.

Source: NVD.NIST.GOV

Date:

15 September 2021

Categorie(s):

NVD

Tag(s):

NVD

Quishing Attacks Jump Tenfold, Attachment Payloads Halve18 April 2024
Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 202018 April 2024
Apple wants to improve the carbon offset market18 April 2024
OpenSSF Warns of Open-Source Social Engineering Threats18 April 2024
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant18 April 2024