Page 4 of 17 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

phpList before 3.5.4 allows XSS via /lists/admin/user.php and /lists/admin/users.php. phpList versiones anteriores a 3.5.4, permite un ataque de tipo XSS por medio de los archivos /lists/admin/user.php y /lists/admin/users.php • https://www.phplist.org/newslist/phplist-3-5-4-release-notes https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php. phpList versiones anteriores a la versión 3.5.3, permiten un ataque de tipo XSS, dando como resultado una ascenso de privilegios, por medio del archivo lists/admin/template.php. • https://github.com/phpList/phplist3/compare/3.5.2...3.5.3 https://www.phplist.org/newslist/phplist-3-5-3-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •