CVE-2021-4035 Wocu Monitoring stored Cross-Site Scripting (XSS)

A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an account with enough privileges to view and edit reports...

Wocu Monitoring 跨站脚本漏洞

Wocu Monitoring is a console for Wocu. A cross-site scripting vulnerability exists in Wocu Monitoring versions 0.27 through 48.2, which stems from an outdated version of the tinymce editor that lacks filtering and escaping in the comments that create reports...