Security Advisory

CVE-2023-6027

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-30 13:38:43

Last updated 2024-08-02 08:21:17

Assigner INCIBE

State PUBLISHED

Description

A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled entries in the "/pmcadmin/configure.php" parameter.

← Browse all CVEs View on cve.org ↗