4 matches found
CVE-2023-1104 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1104 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1104 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1104
CVE-2023-1104 affects FlatPress (PHP-based blog builder) prior to 1.3. The vulnerability is a stored cross-site scripting (XSS) flaw in the GitHub repo flatpressblog/flatpress, exposed via the admin uploader workflow (uploading files with a .pages extension). The PoC in Huntr shows the server pro...