4 matches found
CVE-2017-20158
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The...
CVE-2017-20158
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The...
CVE-2017-20158
The CVE-2017-20158 entry concerns vova07 Yii2 FileAPI Widget up to 0.1.8. The vulnerability affects the run() function in actions/UploadAction.php, where manipulation of the file parameter enables a Cross-Site Scripting (XSS) vulnerability. It can be exploited remotely. A fix is available in vers...
CVE-2017-20158 vova07 Yii2 FileAPI Widget UploadAction.php run cross site scripting
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The...