2 matches found
Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly sanitize user inputs before it outputs to the front end, allowing an attacker to inject and execute malicious javascript through the reviewSession function in AssetIndexer.ts...
Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly sanitize user inputs before it output to the front end, allowing an attacker to inject and execute malicious javascript through the getIndexingSessionRowHtml function in AssetIndexer.ts via the Update...