Vulnerability CVE-2023-26776


Published: 2023-04-04

Description:
Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the post_receiver-services.php file.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Monitorr 1.7.6 Cross Site Scripting
Achuth V P
05.04.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://twitter.com/retrymp3
https://github.com/Monitorr/Monitorr/blob/3ebfd915bfb02aae2ded08c5e4ba6b1bea3009f2/assets/php/post_receiver-services.php
https://github.com/Monitorr/Monitorr
https://github.com/Monitorr

Copyright 2024, cxsecurity.com

 

Back to Top