WBCE CMS is an open source content management system (CMS) based on PHP and MySQL.WBCE CMS v1.5.4 and its previous versions have a cross-site scripting vulnerability, which originates from the lack of effective filtering and escaping of user-supplied data in the Section Header field of the Show Advanced Option module, which can be exploited by attackers to inject cross-site code and launch XSS attacks .
CPE | Name | Operator | Version |
---|---|---|---|
wbce wbce cms | le | 1.5.4 |