A vulnerability has been found in Crow and classified as problematic. This vulnerability affects an unknown functionality of the component Attribute Handler. Upgrading to version 0.3+4 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Crow prior 0.3+4 Attribute the cross site scripting
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker