Advisory #43
Titletransfer.sh cross-site scripting via inline view
CVE IDCVE-2021-33496
VendorDutchcoders
Affected producttransfer.sh
Affected versions- 1.2.3
Vulnerability typeCWE-79 (Cross-site Scripting)
Descriptiontransfer.sh has a vulnerability that allows cross-site scripting via specially crafted file.
StatusFixed in 1.2.4
RecommendationUpdate to 1.2.4 or above.