CVE-2021-43810

Name of the Vulnerable Software and Affected Versions: Admidio versions prior to 4.0.12

Description: A cross-site scripting vulnerability is present in Admidio. The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable of executing malicious scripts.

Recommendations: For versions prior to 4.0.12, update to version 4.0.12 to resolve the issue. As a temporary workaround, consider restricting access to the redirect.php file or validating the url parameter to minimize the risk of exploitation.