CVE-2024-25411
EUVD-2024-2274227.09.2024, 18:15
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| flatpress | flatpress | 𝑥 < 1.3 |
𝑥
= Vulnerable software versions