all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From Stored XSS to Code Execution using SocEng, BeEF and elFinder CVE-2021-45919

Add to bookmarks
Feb. 8, 2022, midnight |

SpiderLabs Blog from Trustwave www.trustwave.com

A stored cross-site scripting vulnerability, tracked as CVE-2021-45919, was identified in elFinder File Manager. The vulnerability can result in the theft of user credentials, tokens, and the ability to execute malicious JavaScript in the user's browser.

code code execution cve elfinder stored xss xss

Visit resource

More from www.trustwave.com / SpiderLabs Blog from Trustwave

Guardians of the Gateway: Identity and Access Management Best Practices 6 days, 13 hours ago | www.trustwave.com
access access management best practices blog +16
Protecting Zion: InfoSec Encryption Concepts and Tips 1 week, 6 days ago | www.trustwave.com
blog blog posts can concepts +11
EDR – The Multi-Tool of Security Defenses 2 weeks, 6 days ago | www.trustwave.com
blog blog posts can cybersecurity +10
The Invisible Battleground: Essentials of EASM 2 weeks, 6 days ago | www.trustwave.com
attack attack surface attack surface management cyber +13
Fake Dialog Boxes to Make Malware More Convincing 3 weeks, 4 days ago | www.trustwave.com
dialog engagement fake loader +7
The Secret Cipher: Modern Data Loss Prevention Solutions 3 weeks, 6 days ago | www.trustwave.com
automated can cipher data +18
CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway 1 month ago | www.trustwave.com
alto arbitrary code attacker code +25
CNAPP, CSPM, CIEM, CWPP – Oh My! 1 month ago | www.trustwave.com
alphabet ciem cnapp cspm +9
Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region 1 month, 1 week ago | www.trustwave.com
american attachment campaign deception +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Digital Security Infrastructure Manager

@ Wizz Air | Budapest, HU, H-1103
View on infosec-jobs.com

Sr. Solution Consultant

@ Highspot | Sydney
View on infosec-jobs.com

Cyber Security Analyst III

@ Love's Travel Stops | Oklahoma City, OK, US, 73120
View on infosec-jobs.com

Lead Security Engineer

@ JPMorgan Chase & Co. | Tampa, FL, United States
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Tulsa, OK, United States
View on infosec-jobs.com

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs