PT-2022-28123 · Flatpress · Flatpress
Azetto · Published 2022-12-28 · Updated 2024-05-17
CVE-2022-4821
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
FlatPress (affected versions not specified)
Description
A vulnerability was found in FlatPress, affecting the onupload function of the admin/panels/uploader/admin.uploader.php file in the XML File Handler/MD File Handler component. It leads to cross-site scripting and can be initiated remotely.
Recommendations
Apply the patch to fix this issue. The patch is identified by the name 3cc223dec5260e533a84b5cf5780d3a4fbf21241. As a temporary workaround, consider disabling the onupload function in the admin.uploader.php file until the patch is applied.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Flatpress