PT-2018-14330 · Tecrail · Tecrail Responsive Filemanager
Yavuz Atlas
·
Publicado
2018-10-10
·
Atualizado
2018-11-28
·
CVE-2018-18062
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
tecrail Responsive FileManager version 9.8.1
Description
A reflected XSS issue allows remote attackers to inject arbitrary web script or HTML. This occurs in the dialog.php file.
Recommendations
For tecrail Responsive FileManager version 9.8.1, consider disabling the dialog.php file as a temporary workaround until a patch is available. Restrict access to this file to minimize the risk of exploitation.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tecrail Responsive Filemanager