CVE-2022-21805

Summary

Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
econosys systemphp_mailformversions prior to Version 1.40affected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References