Gila CMS is an open source content management system (CMS) based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS version 1.11.3, which stems from the lack of effective filtering and escaping of user-supplied data by the parameter adm_user, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
gila cms gila cms | eq | 1.11.3 |