A cross-site scripting (XSS) vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field.
Vendor | Product | Version | CPE |
---|---|---|---|
enhavo | enhavo-app | * | cpe:2.3:a:enhavo:enhavo-app:*:*:*:*:*:*:*:* |