Описание
Stored XSS in LavaLite 5.2.4
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code.
Пакеты
Наименование
lavalite/cms
composer
Затронутые версииВерсия исправления
<= 5.2.4
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
около 8 лет назад
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code.