CVE-2021-33988

描述

Cross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.

受影響套件(1)

• Packagist/microweber/microweberfrom 0, < 1.2.8

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-33988
• PATCHhttps://github.com/microweber/microweber
• WEBhttps://github.com/nck0099/osTicket/issues/2