3 matches found
CVE-2021-43697
Workerman-ThinkPHP-Redis last update Mar 16, 2018 is affected by a Cross Site Scripting XSS vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $GETC'VARJSONPHANDLER' then there is a XSS vulnerability...
CVE-2021-43697
Workerman-ThinkPHP-Redis last update Mar 16, 2018 is affected by a Cross Site Scripting XSS vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $GETC'VARJSONPHANDLER' then there is a XSS vulnerability...
CVE-2021-43697
CVE-2021-43697 affects the combined Workerman-ThinkPHP-Redis project. The vulnerability originates in the file Controller.class.php where the exit() call prints a message to the user and incorporates content from $_GET{C('VAR_JSONP_HANDLER')}, enabling a Cross-Site Scripting (XSS) scenario. The c...