2 matches found
CVE-2018-11351
script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting XSS vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...
CVE-2018-11351
The CVE-2018-11351 entry affects Jirafeau prior to version 3.4.1. Two stored Cross‑Site Scripting (XSS) vulnerabilities exist in script.php, stored in the shared files description file, allowing JavaScript payload execution when an administrator searches or lists uploaded files. The injections ar...