Lucene search
PRIOn knowledge basePRION:CVE-2021-40966HistorySep 15, 2021 - 6:15 p.m.
Design/Logic Flaw
2021-09-1518:15:00
PRIOn knowledge base
www.prio-n.com
7
A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will run on any user browser when they access the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tinyfilemanager | le | 2.4.6 |
Related
cvelist
cvelist
CVE-2021-40966
2021-09-15 17:10:32
nvd
nvd
CVE-2021-40966
2021-09-15 18:15:09
cve
cve
CVE-2021-40966
2021-09-15 18:15:09
cnvd
cnvd
TinyFileManager Cross-Site Scripting Vulnerability
2021-09-17 00:00:00