Douphp · Douphp · CVE-2021-3370
Name of the Vulnerable Software and Affected Versions:
DouPHP version 1.6
Description:
A cross-site scripting (XSS) issue was found in DouPHP. The issue is related to the "/admin/cloud.php" API endpoint.
Recommendations:
For DouPHP version 1.6, as a temporary workaround, consider restricting access to the "/admin/cloud.php" endpoint until a patch is available.