CVE-2017-15214

CVE-2017-15214

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title, or id parameter to plugins/dokuwiki/lib/plugins/changelinks/syntax.php.

Source: CVE-2017-15214

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다