Myndtt

Name of the Vulnerable Software and Affected Versions: FastAdmin version 1.0.0.20180417 beta Description: An issue was discovered in the application, allowing for XSS via the `avatar` parameter in the `User.php` file, located at the "application/api/controller/" endpoint. Recommendations: For FastAdmin version 1.0.0.20180417 beta, consider restricting access to the `avatar` parameter in the `User.php` file until a patch is available. As a temporary workaround, avoid using the `avatar` parameter in the affected API endpoint.