| Title | The Cute File Explorer (chfs) shared file system has a reflection cross-site scripting vulnerability |
|---|
| Description | Cute Http File Server (chfs) is a free, HTTP protocol file sharing server that can be accessed quickly using a browser.
Due to incorrect configuration, the hacker logs in to the chfs background using the default password and fails to verify the user input in the file search box. As a result, malicious data can be constructed to cause cross-site scripting attacks. |
|---|
| Source | ⚠️ https://github.com/goodric/chfs/edit/main/README.md |
|---|
| User | goodric (UID 43258) |
|---|
| Submission | 07/21/2023 12:31 (3 years ago) |
|---|
| Moderation | 08/02/2023 22:29 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 235965 [Cute Http File Server 2.0 Search cross site scripting] |
|---|
| Points | 18 |
|---|