4 matches found
CVE-2019-7168
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...
CVE-2019-7168
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...
CVE-2019-7168
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...
CVE-2019-7168
CVE-2019-7168 is a stored-self XSS in Croogo CMS prior to or at version 3.0.5, enabling an attacker to execute HTML or JavaScript via the Blog field at /admin/nodes/nodes/add/blog. The Red Hat/EUVD/OSV entries and GitHub advisories corroborate a Croogo-based XSS issue with Croogo 3.0.5. The avail...