Filtered by vendor Apfell Project Subscriptions
Filtered by product Apfell Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-23014 1 Apfell Project 1 Apfell 2024-11-21 5.4 Medium
APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user session and/or adding new users to the administration panel.