Vulnerability
Reflected XSS on page parameter in Flatpress 1.2.1
Description:
Page parameter does not sanitize input properly and reflect as it leads to reflected XSS attacks.
CVE-ID
CVE-2022-40047
Vendor
Flatpress
Product
FlatPress v1.2.1
Disclosure Timeline
Reported On: 27th July 2022
Made Public On: 28th Sep 2022
Fixed On: Fix in Progress
Credits
Sandeep Wawdane