ptrofimov/beanstalk_console is vulnerable to cross-site scripting. The vulnerability exists in include.php
due to improper sanitizing of user inputs which allows an attacker to insert and execute arbitrary Javascript.
CPE | Name | Operator | Version |
---|---|---|---|
ptrofimov/beanstalk_console | le | 1.7.12 | |
ptrofimov/beanstalk_console | le | 1.7.12 |
github.com/advisories/GHSA-gj85-pvp5-mvf9
github.com/ptrofimov/beanstalk_console/blob/95d5808836034835fc33500c6a82276277fabdf9/lib/include.php#L22
github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19da
github.com/ptrofimov/beanstalk_console/pull/181
huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7