Stored Cross-site Scripting (XSS)

getformwork/formwork is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper sanitization of input in the blog tag field, which allows an attacker to inject malicious scripts that execute in the browser of any authenticated user accessing or editing the affected blo...

Formwork 跨站脚本漏洞

Formwork is Formwork open source a flat file based content management system CMS. It is used to build and manage simple websites. A cross-site scripting vulnerability exists in Formwork versions prior to 2.2.0, which stems from an uncleaned blog tag field input that could lead to a stored...