Security Advisory

CVE-2021-3340

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-01 21:01:09

Last updated 2024-08-03 16:53:17

Assigner mitre

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php.

← Browse all CVEs View on cve.org ↗