2 matches found
CVE-2020-15599
Victor CMS through 2019-02-28 allows XSS via the register.php userfirstname or userlastname field...
CVE-2020-15599
Victor CMS (pre-2019-02-28) is affected by CVE-2020-15599 due to stored XSS in the register.php form fields user_firstname and user_lastname. The vulnerability arises from insufficient input validation on client-side data, enabling execution of injected scripts in user browsers. A publicly docume...