Headline
GHSA-6346-5r4h-ff5x: Microweber vulnerable to cross-site scripting (XSS)
Microweber is a drag and drop website builder and a powerful next generation CMS. Microweber versions 1.2.15 and prior are vulnerable to cross-site scripting. This could lead to injection of arbitrary JaveScript code, defacement of a page, or stealing cookies. A patch is available on the master branch of Microweber’s GitHub repository.
Microweber vulnerable to cross-site scripting (XSS)
High severity GitHub Reviewed Published May 5, 2022 • Updated May 5, 2022
Related news
CVE-2022-1555: DOM XSS in microweber ver 1.2.15 in microweber
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...