ГлавнаяУязвимости → CVE-2021-47835
7.2высокая

CVE-2021-47835

Описание

Freeter 1.2.1 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads in custom widget titles and files. Attackers can craft malicious files with embedded scripts that execute when victims interact with the application, potentially enabling remote code execution.

CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Источники
https://freeter.io/https://imgur.com/a/iBuKWm4https://www.exploit-db.com/exploits/49833https://www.vulncheck.com/advisories/freeter-persistent-cross-site-scriptinghttps://www.vulncheck.com/advisories/freeter-persistent-cross-site-scripting