Описание
Cross Site Scripting in LavaLite CMS
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Пакеты
Наименование
lavalite/cms
composer
Затронутые версииВерсия исправления
<= 5.8.0
Отсутствует
Связанные уязвимости
CVSS3: 4.8
nvd
больше 4 лет назад
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".