Описание
Cross-site scripting in forkcms
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
Пакеты
Наименование
forkcms/forkcms
composer
Затронутые версииВерсия исправления
< 5.8.3
5.8.3
Связанные уязвимости
CVSS3: 6.1
nvd
почти 5 лет назад
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.