Description

A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 229752b51025e678370298284d42f8ebb231f67f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216999.

Related CPE's

a

flatpress

flatpress

-

Vulnerable

References

https://github.com/flatpressblog/flatpress/commit/229752b51025e678370298284d42f8ebb231f67f

PatchThird Party Advisory

https://github.com/flatpressblog/flatpress/issues/180

Issue TrackingPatchThird Party Advisory

https://vuldb.com/?ctiid.216999

Third Party Advisory

https://vuldb.com/?id.216999

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.1 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-12-28T21:15:10.703

2 years ago

Last modified

2024-05-17T02:16:57.930

11 months ago