One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 3919282 |
| Date de publication | 2022-01-03 13:15:08 (vue: 2022-01-03 16:06:40) |
| Titre | CVE-2021-24973 |
| Texte | The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin |
| Envoyé | Oui |
| Condensat | 2021 24973 action admins against ajax allowing any attacks authenticated available before cross cve dashboard does escape glsr logged not parameter perform plugin reviews sanitise scripting site them tool unauthenticated users viewing wordpress |
| Tags | Tool |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.