RSS   Vulnerabilities for 'Antsword redis'   RSS

2021-10-26
 
CVE-2021-41172

CWE-79
 

 
AS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is patched in version 0.5.

 


Copyright 2022, cxsecurity.com

 

Back to Top