- Lana Codes
- Common Vulnerabilities
YourChannel by Plugin Builders <= 1.2.1 - Subscriber+ Stored XSS
LANACOMMONVDB ID: b060b655-dec8-45d2-ada1-23fd78771b3e
The plugin does not sanitize and escape some parameters, which could allow users with a role as low as subscriber to perform Cross-Site Scripting (XSS) attacks.
You must be log in to view vulnerability details.
Or register a new account.