PT-2023-20480 · Unknown · Frp Form Answers

Tim Schreiner

·

Published

2023-02-26

·

Updated

2023-03-07

·

CVE-2023-26091

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions frp form answers extension versions prior to 3.1.2 frp form answers extension versions 4.x prior to 4.0.2
Description The issue allows XSS via saved emails.
Recommendations For frp form answers extension versions prior to 3.1.2, update to version 3.1.2 or later. For frp form answers extension versions 4.x prior to 4.0.2, update to version 4.0.2 or later.

Exploit

Fix

XSS

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-26091
GHSA-Q3R2-23R8-WQR9

Affected Products

Frp Form Answers