2 matches found
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel...
CVE-2019-14518
Evolution CMS 2.0.x is affected by CVE-2019-14518, which permits cross-site scripting via the description text and a template’s new category location. The issue affects Evolution CMS versions 2.0.x and stems from how template content can be manipulated to execute XSS. Vendor notes indicate the be...