Description
The Redis Manage plugin(versions < v0.5) for AntSword is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution.
Impact
Redis Manager Plugin Version < v0.5
Patches
Redis Manager Plugin Version >= v0.5
Discoverer
cc7v@校长
References
For more information
If you have any questions or comments about this advisory:
Description
The Redis Manage plugin(versions < v0.5) for AntSword is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution.
Impact
Redis Manager Plugin Version < v0.5
Patches
Redis Manager Plugin Version >= v0.5
Discoverer
cc7v@校长
References
For more information
If you have any questions or comments about this advisory: