PT-2022-16740 · Flatpress · Flatpress
Published: 2022-02-15 · Updated: 2023-03-04
CVE-2022-24588
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Flatpress version 1.2.1
Description
A cross-site scripting (XSS) issue was found in the Upload SVG File function. It could allow attackers to inject malicious scripts into websites.
Recommendations
To prevent potential exploitation in Flatpress version 1.2.1, consider disabling the Upload SVG File function until a patch is available.
Exploit
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Flatpress