CVE-2019-9570 A vulnerability has been found in SmartTagPlugin prior to version 1.2.21-6. It allows a remote attacker to inject arbitrary code via a crafted request. This code will be executed when the user requests a tag from the web interface. Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows attackers to inject own code through open redirects. This code will be executed when the user requests a tag from the web interface. This issue results from the lack of proper validation of user-supplied data when creating a new tag. An attacker can leverage this vulnerability to execute malicious code on a victim's system through a web request.
CVE-2019-9569 A vulnerability has been found in SmartTagPlugin prior to version 1.2.21-6. It allows a remote attacker to inject arbitrary code via a crafted request. This code will be executed when the user requests a tag from the web interface. Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows attackers to inject own code through open redirects. This code will be executed when the user requests a tag from the web interface. This issue results from the lack of proper validation of user-supplied data when creating a new tag. An attacker can leverage this vulnerability to execute malicious code on a victim's system through a web request.
CVE-
References ! CVE-2022-36859
CVE-2019-9570 A vulnerability has been found in SmartTagPlugin prior to version 1.2.21-6. It allows a remote attacker to inject arbitrary code via a crafted request. This code will be executed when the user requests a tag from the web interface. Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows attackers to inject own code through open redirects. This code will be executed when the user requests a tag from the web interface. This issue results from the lack of proper validation of user-supplied data when creating a new tag. An attacker can leverage this vulnerability to execute malicious code on a victim's system through a web request..
CVE-2019-9569 A vulnerability has been found in SmartTagPlugin prior to version 1.2.21-6. It allows a remote attacker to inject arbitrary code via a crafted request. This code will be executed when the user requests a tag from the web interface. Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows attackers to inject own code through open redirects. This code will be executed when the user requests a tag from the web interface. This issue results from the lack of proper validation of user-supplied data when creating a new tag..
Summary
SmartTagPlugin 1.2.21-6 suffers from various security vulnerabilities which allow attackers to execute malicious code on victim's system through a web request.
Timeline
Published on: 09/09/2022 15:15:00 UTC
Last modified on: 09/21/2022 20:35:00 UTC