Advisory #4
Titlebluemonday cross-site scripting via uppercase Cyrillic i
CVE IDCVE-2021-29272
VendorMicrocosm
Affected productbluemonday
Affected versions- 1.0.4
Vulnerability typeCWE-79 (Cross-site Scripting)
Descriptionbluemonday has a vulnerability that allows an attacker to bypass sanitization via the uppercase Cyrillic i.
StatusFixed in 1.0.5
RecommendationUpdate to version 1.0.5 or later.