Stored Cross-Site Scripting Vulnerability in Testimonial Rotator 3.0.3 Allows Privilege Escalation
CVE-2021-24156 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Stored Cross-Site Scripting vulnerabilities in Testimonial Rotator 3.0.3 allow low privileged users (Contributor) to inject arbitrary JavaScript code or HTML without approval. This could lead to privilege escalation
Learn more about our User Device Pen Test.