CVE-2017-6068
Subrion CMS 4.0.5 is affected by a CSRF flaw in admin/blocks/add/ that allows an attacker to create blocks and potentially inject XSS through the content parameter. The root cause is a CSRF vulnerability in the block-creation endpoint; exploitation details and whether an in-the-wild exploit exist...