Cross site scripting

2021-10-0414:15:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

A Stored XSS via Malicious File Upload exists in Gila CMS version 2.2.0. An attacker can use this to steal cookies, passwords or to run arbitrary code on a victim’s browser.

CPENameOperatorVersion
gila_cmseq2.2.0

CPE	Name	Operator	Version
	gila_cms	eq	2.2.0

References

www.navidkagalwalla.com/gila-cms-vulnerabilities