2 matches found
CVE-2023-47314
Headwind MDM Web panel 5.22.1 is vulnerable to cross-site scripting XSS. The file upload function allows APK and arbitrary files to be uploaded. By exploiting this issue, attackers may upload HTML files and share the download URL pointing to these files with the victims. As the file download...
CVE-2023-47314
Headwind MDM Web panel version 5.22.1 is affected by a cross-site scripting (XSS) vulnerability arising from the file upload feature, which allows APK and arbitrary files to be uploaded. The vulnerability enables an attacker to upload HTML files and share a download URL; because the file is serve...