2 matches found
CVE-2021-33496
Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view...
CVE-2021-33496
This CVE affects Dutchcoders transfer.sh prior to version 1.2.4. The vulnerability is an XSS in an inline view, caused by insufficient sanitization of URLs in that view. Impact is user-initialized script execution via the compromised inline view, with the issue occurring before 1.2.4. The vendor ...