Security Advisory

CVE-2021-40888

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-11 10:04:39

Last updated 2024-08-04 02:51:07

Assigner mitre

State PUBLISHED

Description

Projectsend version r1295 is affected by Cross Site Scripting (XSS) due to lack of sanitization when echo output data in returnFilesIds() function. A low privilege user can call this function through process.php file and execute scripting code.

← Browse all CVEs View on cve.org ↗