3 matches found
CVE-2026-22209
wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators to inject malicious scripts by breaking out of style tags. Attackers with admin access can inject payloads like alert1 in the custom CSS setting to execute arbitrary JavaScript i...
📄 Invision Community 5.0.6 customCss Expression Injection
Invision Community version 5.0.6 customCss expression injection proof of concept exploit written in PHP. ============================================================================================================================================= | Title : Invision Community 5.0.6 customCss...
📄 Invision Community 5.0.6 Remote Code Execution
Invision Community versions 5.0.0 through 5.0.6 suffer from a customCss related remote code execution vulnerability. --------------------------------------------------------------------------- Invision Community = 5.0.6 customCss Remote Code Execution Vulnerability...