4 matches found
CVE-2021-25982
In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...
CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality
In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...
CVE-2021-25982
CVE-2021-25982 affects FactorJS - Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30. The flaw is a reflected Cross-Site Scripting (XSS) vulnerability in the URL’s search parameter, allowing an unauthenticated attacker to inject and execute JavaScript and potentially ste...
CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality
In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...