Lucene search
China National Vulnerability DatabaseCNVD-2022-86343HistoryNov 23, 2022 - 12:00 a.m.
WBCE CMS Section Header Field Cross-Site Scripting Vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
wbce cms
cross-site scripting
section header
show advanced option
mysql
php
vulnerability
xss attacks
attackers
user-supplied data
filtering.
0.001 Low
EPSS
Percentile
32.6%
WBCE CMS is an open source content management system (CMS) based on PHP and MySQL.WBCE CMS v1.5.4 and its previous versions have a cross-site scripting vulnerability, which originates from the lack of effective filtering and escaping of user-supplied data in the Section Header field of the Show Advanced Option module, which can be exploited by attackers to inject cross-site code and launch XSS attacks .
| CPE | Name | Operator | Version |
|---|---|---|---|
| wbce wbce cms | le | 1.5.4 |
Related
cve
cve
CVE-2022-45013
2022-11-21 15:15:11
osv
osv
CVE-2022-45013
2022-11-21 15:15:11
nvd
nvd
CVE-2022-45013
2022-11-21 15:15:11
cvelist
cvelist
CVE-2022-45013
2022-11-21 00:00:00
prion
prion
Cross site scripting
2022-11-21 15:15:00