exploitDog

GHSA-qwxc-7842-42p6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.ep (aka the PAGE TITLE Field).

There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.ep (aka the PAGE TITLE Field).

Ссылки

EPSS

Процентиль: 67%

0.00528

Низкий

CVE ID

Связанные уязвимости

CVE-2019-7410

CVSS3: 6.1

nvd

больше 5 лет назад

There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.ep (aka the PAGE TITLE Field).

EPSS

Процентиль: 67%

0.00528

Низкий

CVE ID