3 matches found
Cross-site Scripting (XSS)
Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via the tag name field in blog tag management. An attacker can execute arbitrary JavaScript in the browsers of users, including administrators, by...
Cross site scripting
Cross Site Scripting XSS vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the General menu via a crafted website name by doing an authenticated POST HTTP request to admin/tags/create...
Rapid7 Nexpose Create Tags Page Cross-Site Scripting Vulnerability
Rapid7 Nexpose is a suite of vulnerability management software from Rapid7 USA that can synthesize different scans to deeply probe a network. The software proactively scans configuration environments for errors, vulnerabilities, malware and provides guidance to reduce risk. A cross-site scripting...