2 matches found
No-CMS Cross-Site Scripting Vulnerability
No-CMS is a free content management system. The system supports authentication and authorization, custom themes and module extensions. A cross-site scripting vulnerability exists in No-CMS version 1.1.3. A remote attacker can use the 'keyword' parameter on the blog/managearticle page to inject...
Cross site scripting
No-CMS 1.1.3 is prone to Persistent XSS via the blog/managearticle/index/ "articletitle" parameter...