Описание
Duplicate Advisory: Kirby vulnerable to self cross-site scripting (self-XSS) in the URL field
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-57f2-8p89-66x6. This link is maintained to preserve external references.
Original Description
Kirby CMS v4.1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the URL parameter.
Пакеты
Наименование
getkirby/cms
composer
Затронутые версииВерсия исправления
<= 4.1.0
4.1.1
4.7 Medium
CVSS3
Дефекты
CWE-79
4.7 Medium
CVSS3
Дефекты
CWE-79