Описание
Cross-site scripting (XSS) vulnerability in Grav
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.
Пакеты
Наименование
getgrav/grav
composer
Затронутые версииВерсия исправления
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
почти 2 года назад
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.