CVE-2024-25411

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php.

flatpressblog/flatpress
flatpressblog/flatpress
FlatPress is a lightweight, easy-to-set-up flat-file blogging engine.
GitHubGitHub
209
paragbagul111/CVE-2024-25411
paragbagul111/CVE-2024-25411
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php
GitHubGitHub