The Crazy Bone WordPress plugin up to and including 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
crazy bone project crazy bone |