Vulnerabilities

CVE-2021-26549

by Fred · 09/02/2021

An XSS issue was discovered in SmartFoxServer 2.17.0. Input passed to the AdminTool console is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML code in a user’s browser session in context of an affected site.

Date published : 2021-02-09

http://packetstormsecurity.com/files/161335/SmartFoxServer-2X-2.17.0-God-Mode-Console-WebSocket-Cross-Site-Scripting.html

https://www.smartfoxserver.com

Similar

Tags: Cybersecurity Alert