2 matches found
CVE-2021-4303 shannah Xataface Installer install_form.js.php testftp cross site scripting
A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...
CVE-2021-4303
CVE-2021-4303 affects Xataface (PHP/MySQL) up to version 2.x, specifically the Installer component’s install_form.js.php testftp function. The issue enables cross-site scripting (XSS) due to lack of input sanitization. Impact is described as remote attack with no/low privilege required and user i...