Security Advisory

CVE-2023-37658

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-11 00:00:00

Last updated 2024-11-08 15:03:15

Assigner mitre

State PUBLISHED

Description

fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File upload check binary of img, but without strictly check file suffix at /server/fast.py -> ApiUploadHandler.post causes stored XSS

← Browse all CVEs View on cve.org ↗