3 matches found
CVE-2022-30073
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting XSS via /admin/users/save.php...
CVE-2022-30073
creationtimestamp| type| source ---|---|--- 2022-05-17 20:27:37+00:00| seen| https://t.me/cibsecurity/42830...
CVE-2022-30073
WBCE CMS 1.5.2 contains a stored Cross‑Site Scripting (XSS) vulnerability in the Display Name parameter of /admin\Users\save.php. The Nuclei template confirms the flaw as stored XSS with practical impact information: injection of malicious scripts into pages viewed by other users, potentially ena...