CVE-2019-7169

2019-01-2918:29:00

Google

osv.dev

AI Score

Confidence

High

EPSS

0.001

Percentile

24.8%

JSON

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.

References

github.com/croogo/croogo/issues/888