Latest Vulnerabilities and Exploits



CVE ID:

CVE-2021-3340

Details:

A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php.

References:

:https://sourceforge.net/p/wikindx/news/2021/01/wikindx-v641-released/
:https://sourceforge.net/projects/wikindx/

ZeroDayLab Assigned Tags:

WEB BASED ATTACK
REMOTE
CROSS SITE SCRIPTING - What is Cross Site Scripting?
INJECTION ATTACK