Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-22849

Disclosure Date: January 22, 2021 (last updated October 07, 2023)
Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting) attack.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0