CVE-2021-26628

Name of the Vulnerable Software and Affected Versions Software (affected versions not specified)

Description The issue is related to insufficient script validation on the admin page, which enables cross-site scripting (XSS) and allows unauthorized users to steal admin privileges. Additionally, when uploading files in a specific menu, the verification of the files is insufficient, allowing remote attackers to upload arbitrary files by disguising them as image files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.