First published: Mon Aug 26 2024(Updated: )
A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xiebruce Picuploader | <2024-02-13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.