2 matches found
GHSA-PP74-G2Q5-J4JF Silverstipe CMS Stored XSS in custom meta tags
A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit...
PT-2022-23986 · Silverstripe · Silverstripe Cms
Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/cms versions 4.11.0 and earlier Description: The issue allows for XSS Cross-Site Scripting attacks. A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would...