CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-43697
https://notcve.org/view.php?id=CVE-2021-43697
Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulnerability. Workerman-ThinkPHP-Redis (última actualización 16 de marzo de 2018) está afectado por una vulnerabilidad de Cross Site Scripting (XSS). En el archivo Controller.class.php, la función exit terminará el script e imprimirá el mensaje al usuario. • https://github.com/happyliu2014/Workerman-ThinkPHP-Redis/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •