1 results (0.005 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-43682
https://notcve.org/view.php?id=CVE-2021-43682
02 Dec 2021 — thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']. thinkphp-bjyblog (última actualización Jun 4 2021) se ve afectado por una vulnerabilidad de Cross Site Scripting (XSS) en AdminBaseController.class.php. La función exit termina el script e imprime un mensaje al usuario que contiene $_SERVER['HTTP_HOST'] • https://github.com/baijunyao/thinkphp-bjyblog/issues/6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •