Reflecting XSS vulnerabitlies, unrestricted file upload and underlaying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)

Posted by Steffen Rösemann on Feb 13

Advisory: Reflecting XSS vulnerabitlies, unrestricted file upload and
underlaying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta
version)
Advisory ID: SROEADV-2015-14
Author: Steffen Rösemann
Affected Software: Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)
Vendor URL: https://github.com/kneecht/adminsystems
Vendor Status: will be patched
CVE-ID: –

==========================
Vulnerability Description:…

Leave a Reply