Описание
October CMS XSS
October CMS build 412 is vulnerable to stored XSS in brand logo image name resulting in JavaScript code execution in the victim's browser.
Пакеты
Наименование
october/october
composer
Затронутые версииВерсия исправления
<= 1.0.412
1.0.413
Связанные уязвимости
CVSS3: 6.1
nvd
около 8 лет назад
October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser.