3 matches found
CVE-2024-32744
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...
CVE-2024-32744
WonderCMS v3.4.3 contains a cross-site scripting (XSS) vulnerability in the Settings section. The flaw allows arbitrary script/HTML execution via a payload in the PAGE KEYWORDS parameter under the CURRENT PAGE module. Public sources confirm the affected component and trigger, but none provide a p...
CVE-2018-19905
HTML injection exists in razorCMS 3.4.8 via the //page keywords parameter...