Headline
CVE-2023-36291: Add SECURITY.md · Issue #500 · maxsite/cms
Cross Site Scripting vulnerability in Maxsite CMS v.108.7 allows a remote attacker to execute arbitrary code via the f_content parameter in the admin/page_new file.
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@nguyenngocquang700) has found a potential issue, which I would be eager to share with you.
Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.
Looking forward to hearing from you 👍
(cc @huntr-helper)