CVE-2017-14530

Name of the Vulnerable Software and Affected Versions Crony Cronjob Manager plugin versions prior to 0.4.7

Description The issue concerns a CSRF vulnerability via the name parameter in an "action=manage&do=create" operation. This can be exploited to insert XSS sequences.

Recommendations For versions prior to 0.4.7, update to version 0.4.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the "action=manage&do=create" operation to minimize the risk of exploitation. Avoid using the name parameter in the affected operation until the issue is resolved.