Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the article name field in plugins/content/pages/content.php, accessible over the content/edit endpoint. An attacker can steal cookies and perform session hijacking by injecting malicious scripts. Details...