Описание
Microweber has Reflected XSS Vulnerability in the layout Parameter
Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
>= 2.0.0, <= 2.0.19
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
6 месяцев назад
Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users.