CVE-2014-7264

Multiple cross-site scripting XSS vulnerabilities in admin/themes/default/pages/manageusers.twig in the Users Management feature in the admin component in Chyrp before 2.5.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 user.email or 2 user.website field in a...