JhumanJ OpnForm submissions cross site scripting

A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this vulnerability is an unknown functionality of the file /show/submissions. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The identifier of the patch is a2af1184e53953afa8cb052f4055f288adcaa608. To fix this issue, it is recommended to deploy a patch.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

OpnForm 代码注入漏洞

OpnForm是Julien Nahum个人开发者的一个表单生成器。 OpnForm 1.9.3及之前版本存在代码注入漏洞，该漏洞源于文件/show/submissions存在跨站脚本攻击。

N/A

N/A