Описание
Microweber's title parameter in the body of POST request vulnerable to stored XSS
In Microweber prior to v1.3.1, the title parameter in the body of POST request when creating/editing a category is vulnerable to stored cross-site scripting.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
< 1.3.1
1.3.1
Связанные уязвимости
CVSS3: 5.4
nvd
больше 3 лет назад
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1.