1 results (0.005 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40926
https://notcve.org/view.php?id=CVE-2021-40926
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter. Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo demos/demo.mysqli.php en getID3 versiones 1.X y v2.0.0-beta, permiten a atacantes remotos inyectar scripts web o HTML arbitrarios por medio del parámetro showtagfiles • https://github.com/JamesHeinrich/getID3 https://github.com/JamesHeinrich/getID3/issues/341 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •