Headline
CVE-2022-35590: Cross-site Scripting (XSS) - Generic in forkcms
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the “end_date” Parameter
Bounties 86
Related news
GHSA-pw4j-r69m-rrr5: ForkCMS XSS via `end_date` parameter
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the `end_date` Parameter. This issue was patched in version 5.11.0.