Описание
Mezzanine CMS vulnerable to Cross-site Scripting
A cross-site scripting (XSS) vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a blog post.
Пакеты
Наименование
Mezzanine
pip
Затронутые версииВерсия исправления
<= 6.1.0
Отсутствует
Связанные уязвимости
CVSS3: 4.8
nvd
23 дня назад
A cross-site scripting (XSS) vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a blog post.