RSS   Vulnerabilities for 'Lychee'   RSS

2021-12-15
 
CVE-2021-43675

CWE-79
 

 
Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user.

 


Copyright 2024, cxsecurity.com

 

Back to Top