2 matches found
CVE-2019-15476
Former before 4.2.1 has XSS via a checkbox value...
CVE-2019-15476
The CVE affects the Former form builder (pre-4.2.1) with XSS via an unsanitized checkbox value. Root cause per the sources is an injection path through a checkbox value in Checkable.php. Impact is cross-site scripting; remediation is upgrading to version 4.2.1 (or applying the supplied fix). No e...