Dreamer CMS is a dreamer content management system. Dreamer CMS version v4.1.3 suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the component /admin/u/toIndex, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
dreamer cms dreamer cms v | eq | 4.1.3 |