Octech Oempro 4.7 through 4.11 allow stored XSS by an... · CVE-2020-9461 · GitHub Advisory Database · GitHub

Octech Oempro 4.7 through 4.11 allow stored XSS by an...

Low severity Unreviewed Published May 24, 2022 to the GitHub Advisory Database • Updated Jan 29, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable.

References

Published by the National Vulnerability Database

Apr 14, 2020

Published to the GitHub Advisory Database May 24, 2022

Last updated Jan 29, 2023