htmly is a simple and fast database-free PHP blogging platform and flat file CMS. htmly version 2.8.1 has a vulnerability in the “content” field of the “regular post” page in the “add content” menu of the dashboard. field of the “add content” menu in the dashboard is vulnerable to a stored cross-site scripting vulnerability. An attacker could exploit the vulnerability by sending a post-http request to add/content to inject arbitrary web script or HTML.
CPE | Name | Operator | Version |
---|---|---|---|
htmly htmly | eq | 2.8.1 |