1 results (0.002 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-40813
https://notcve.org/view.php?id=CVE-2021-40813
13 Jan 2022 — A cross-site scripting (XSS) vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames. Una vulnerabilidad de tipo cross-site scripting (XSS) en la función "Zip content" de Element-IT HTTP Commander versión 3.1.9, permite a usuarios remotos autenticados inyectar scripts web o HTML arbitrarios por medio de nombres de archivos • https://www.element-it.com/products.aspx • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •