CVE-2021-24622

Posted on 2021년 10월 18일2021년 10월 19일 by admin

CVE-2021-24622

The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Source: CVE-2021-24622

답글 남기기 응답 취소