CVE-2020-24314

Posted on by admin

CVE-2020-24314

Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the "t" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.

Source: CVE-2020-24314

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다