PT-2022-8061 · Unknown · Jmpotato Pomash

Name of the Vulnerable Software and Affected Versions: JmPotato Pomash affected versions not specified Description: A problematic vulnerability was found in JmPotato Pomash, affecting an unknown part of the file Pomash/theme/clean/templates/editor.html. The manipulation of the article.title,...

Pomash 跨站脚本漏洞

Pomash is a lightweight blogging system by the individual developer of JmPotato. Pomash suffers from a cross-site scripting vulnerability that stems from incorrect manipulation of the parameters article.title/content.title/article.tag leading to cross-site scripting...

CVE-2022-22125 Halo CMS - Stored Cross-Site Scripting (XSS) in Article's Tag

In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victim’s server...

CVE-2022-22125

In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victim’s server...