Headline
GHSA-5mqq-7g25-r4wx: FeehiCMS vulnerable to Cross-Site scripting via crafted payload
FeehiCMS versions 2.0.1.1 and prior contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module. There are no patches and no known workarounds for this issue.
FeehiCMS vulnerable to Cross-Site scripting via crafted payload
Moderate severity GitHub Reviewed Published Sep 30, 2022 • Updated Oct 1, 2022
Related news
CVE-2022-40408: There are some XSS vulnerabilities in FeehiCMS-2.1.1 · Issue #3 · liufee/feehicms
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.