its-a-feature/Mythic

Releases309

Frequency6 days

Last Release about 9 hours ago

Stars4.52K

A collaborative, multi-platform, red teaming framework

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-23014 ↗	Jan 26, 2021Tuesday, 26 January 2021, 18:15	5.4 MEDIUM	3.5 LOW
APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user session and/or adding new users to the administration panel.