2 matches found
PT-2024-19480 · Flycms · Flycms
Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is related to Cross Site Scripting XSS in the system website settings, specifically in the website name section. This allows for potential malicious script injection. No information is provided about...
PT-2024-19531 · Flycms · Flycms
Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It can be exploited via the "/system/admin/update group save" API endpoint. Recommendations: For FlyCms version 1.0, as a temporary workaround,...