CVE-2021-40926
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.
MEDIUM · CVSS 6.1
EPSS 0.00284
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0