2 matches found
Symphony CMS Cross-Site Scripting (CVE-2015-8376)
A cross site scripting vulnerability exists in Symphony CMS. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
CVE-2015-8376
CVE-2015-8376 affects Symphony CMS 2.6.3, where multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the Name, Navigation Group, or Label parameters to blueprints/sections/edit/1. The root cause is insufficient input filtering in th...