| ID | CVE-2021-22849 | ||||||
| Sažetak | Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting) attack. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:S/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 28-01-2021 - 21:44 | ||||||
| Objavljeno | 22-01-2021 - 09:15 |
