2 matches found
CVE-2018-16727
razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component...
CVE-2018-16727
razorCMS 3.4.7 is affected by a Stored XSS in the Settings component via the homepage keywords parameter. The CNVD entry additionally notes that a remote attacker can execute arbitrary code in a user’s browser through this vector. No patch/version details or mitigations are provided in the connec...