3 matches found
CVE-2018-16726
razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component...
CVE-2018-16726
razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component...
CVE-2018-16726
razorCMS 3.4.7 is affected by an HTML injection vulnerability: attackers can inject HTML via the homepage description in the Settings component. The issue is confirmed across multiple sources (NVD/CNVD) and is tied to the description field rather than a dedicated input validation path. The provid...