XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths.
References
Link | Resource |
---|---|
https://docs.google.com/document/d/12rq4YIFZLSmZlEsq7d7hYCI1qO5xyIxA1Wrs1m4y9-4/preview | Mitigation Third Party Advisory |
https://github.com/mandatoryprogrammer/xsshunter-express/commit/56bb44ed9024849f64173f71583ecb7d873baba0 | Patch Third Party Advisory |
https://vuln.ryotak.me/advisories/57 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-17T15:11:54
Updated: 2021-09-18T15:22:06
Reserved: 2021-09-17T00:00:00
Link: CVE-2021-41317
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-09-17T16:15:07.660
Modified: 2021-09-28T16:01:14.137
Link: CVE-2021-41317
JSON object: View
Redhat Information
No data.
CWE