Description
Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) before commit 6c3710430be26feb5371cb0377e5355d6f9a27ca allows remote attackers to inject arbitrary web script or HTML via the Description field in a Site name updated.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Super Cache Multiple Vulnerabilities (1.4.4)
WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)
WordPress Plugin WP-Stats-Dashboard Multiple Cross-Site Scripting Vulnerabilities (2.6.5.1)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.5.5)