CVE-2022-21805

Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.

Date published : 2022-02-08

https://github.com/econosys-system/php_mailform

https://jvn.jp/en/jp/JVN16690037/index.html