Headline
GHSA-jrvr-gmqv-hgrh: Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS in version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
Moderate severity GitHub Reviewed Published Nov 9, 2022 • Updated Nov 9, 2022
Related news
CVE-2022-43121: Cross Site Scripting (XSS) in Members Add · Issue #895 · intelliants/subrion
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.