Описание
Microweber Has Stored XSS Vulnerability in User Profile Fields
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
>= 2.0.0, <= 2.0.19
Отсутствует
Связанные уязвимости
CVSS3: 7.6
nvd
6 месяцев назад
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.