dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting (XSS) vulnerability in explorerfile.php. The output of the exit function is printed for the user via exit(json_encode($return)).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/zyx0814/dzzoffice/issues/188 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-03T11:36:13
Updated: 2024-08-04T04:03:08.620Z
Reserved: 2021-11-15T00:00:00
Link: CVE-2021-43673
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-12-03T12:15:07.587
Modified: 2024-11-21T06:29:35.260
Link: CVE-2021-43673
Redhat
No data.