Описание
ForkCMS XSS via publish_on_time parameter
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the publish_on_time Parameter. This issue was patched in version 5.11.0.
Пакеты
Наименование
forkcms/forkcms
composer
Затронутые версииВерсия исправления
< 5.11.0
5.11.0
Связанные уязвимости
CVSS3: 4.8
nvd
больше 3 лет назад
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publish_on_time" Parameter.