2 matches found
CVE-2021-25926
In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting XSS due to user input not being validated properly in the quicksearch feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the...
CVE-2021-25926
SiCKRAGE is affected by a Reflected XSS vulnerability (CVE-2021-25926) in versions 9.3.54.dev1 through 10.0.11.dev1, caused by improper validation of user input in the quicksearch feature. The underlying issue allows an attacker to steal a user’s sessionID and masquerade as the victim user, enabl...