Due to insufficient input sanitization and output escaping, authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages, which will execute whenever a user accesses an affected page.

This vulnerability affects the following application versions:

  • LiteSpeed Cache 3.6.4
  • LiteSpeed Cache 4.0
  • LiteSpeed Cache 4.1
  • LiteSpeed Cache 4.2
  • LiteSpeed Cache 4.3
  • LiteSpeed Cache 4.4
  • LiteSpeed Cache 4.4.1
  • LiteSpeed Cache 4.4.2
  • LiteSpeed Cache 4.4.3
  • LiteSpeed Cache 4.4.4
  • LiteSpeed Cache 4.4.5
  • LiteSpeed Cache 4.4.6
  • LiteSpeed Cache 4.4.7
  • LiteSpeed Cache 4.5
  • LiteSpeed Cache 4.5.0.1
  • LiteSpeed Cache 4.6
  • LiteSpeed Cache 5.0
  • LiteSpeed Cache 5.0.0.1
  • LiteSpeed Cache 5.0.1
  • LiteSpeed Cache 5.1
  • LiteSpeed Cache 5.2
  • LiteSpeed Cache 5.2.1
  • LiteSpeed Cache 5.3
  • LiteSpeed Cache 5.3.1
  • LiteSpeed Cache 5.3.2
  • LiteSpeed Cache 5.3.3
  • LiteSpeed Cache 5.4
  • LiteSpeed Cache 5.5
  • LiteSpeed Cache 5.5.1
  • LiteSpeed Cache 5.6
  • LiteSpeed Cache 5.7
  • LiteSpeed Cache 5.7.0.1
  • LiteSpeed Cache 6.0
  • LiteSpeed Cache 6.0.0.1
  • LiteSpeed Cache 6.1
  • LiteSpeed Cache 6.2
  • LiteSpeed Cache 6.2.0.1
  • LiteSpeed Cache 6.3
  • LiteSpeed Cache 6.3.0.1
  • LiteSpeed Cache 6.4
  • LiteSpeed Cache 6.4.1
  • LiteSpeed Cache 6.5
  • LiteSpeed Cache 6.5.0.1
  • LiteSpeed Cache 6.5.0.2

Skriv et svar

Din e-mailadresse vil ikke blive publiceret. Krævede felter er markeret med *