CVE-2022-21805

Published February 8th, 2022

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.

econosys-system/php_mailform

カスタマイズ自由なPHPメールフォーム。PHP7，Bootstrap、レスポンシブ対応。

GitHub