After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks.Īn issue was discovered in the Growth extension in MediaWiki through 1.36.2. The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack. Easytest bulletin board management function of online learning platform does not filter special characters.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |