Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-3wmg-28v9-8hf6: Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.

ghsa
Open in Source
#xss#vulnerability#web#git#intel

Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

Moderate severity GitHub Reviewed Published Nov 9, 2022 • Updated Nov 9, 2022

Related news

CVE-2022-43120: Cross Site Scripting (XSS) in Add Field Page · Issue #894 · intelliants/subrion

A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.

ghsa: Latest News

GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails
ghsa