The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user’s credential to inject JavaScript and execute stored XSS attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
larvata flygo |