Security Advisory

CVE-2013-3261

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-06-01 10:00:00

Last updated 2024-09-16 20:53:29

Assigner flexera

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action.

← Browse all CVEs View on cve.org ↗