PT-2023-12202 · Ymfe Yapo · Ymfe Yapo

Published

2023-02-17

Updated

2023-02-21

CVE-2021-33237

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions YMFE yapo version 1.9.1

Description The issue allows an attacker to execute arbitrary code via the remark parameter of the interface edit page. This is a Cross Site Scripting vulnerability.

Recommendations For YMFE yapo version 1.9.1, avoid using the remark parameter in the interface edit page until the issue is resolved. As a temporary workaround, consider restricting access to the interface edit page to minimize the risk of exploitation.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-33237

Affected Products

Ymfe Yapo

PT-2023-12202 · Ymfe Yapo · Ymfe Yapo

CVE-2021-33237

Related Identifiers

Affected Products

References · 3