Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-14315

Disclosure Date: July 28, 2019 (last updated November 27, 2024)
A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0