PT-2021-17187 · Unknown+1 · Henriquedornas+1
0Xrayan
·
Published
2021-02-10
·
Updated
2024-08-03
·
CVE-2021-26938
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
henriquedornas version 5.2.17
Description:
A stored XSS issue exists via online live chat. It is reported that henriquedornas is a web design agency and 5.2.17 refers to the PHP version running on the host.
Recommendations:
For version 5.2.17, consider disabling the online live chat feature until a proper fix is applied to prevent exploitation of the stored XSS issue.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php
Henriquedornas