Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors.
References
Link | Resource |
---|---|
https://osdn.net/projects/zerochplus/releases/77053 | Release Notes Third Party Advisory |
https://jvn.jp/en/jp/JVN59576930/index.html | Release Notes Third Party Advisory |
Configurations
Information
Published : 2022-03-31 01:15
Updated : 2022-04-07 13:17
NVD link : CVE-2022-27496
Mitre link : CVE-2022-27496
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
zero-channel_plus_project
- zero-channel_plus