Headline
GHSA-m99v-mmg2-66vf: Microweber Reflected Cross-site scripting (XSS) vulnerability
A Reflected Cross-site scripting (XSS) vulnerability exists in ‘/search’ in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the ‘keywords’ parameter.
Microweber Reflected Cross-site scripting (XSS) vulnerability
Moderate severity GitHub Reviewed Published Aug 6, 2024 to the GitHub Advisory Database • Updated Aug 6, 2024
Related news
Microweber 2.0.15 Cross Site Scripting
Microweber version 1.0 suffers from a cross site scripting vulnerability in the search functionality. Original discovery of cross site scripting in this version is attributed to tmrswrr in June of 2024.