2 matches found
CVE-2021-28002
A persistent cross-site scripting vulnerability was discovered in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote attackers to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Articles' page...
CVE-2021-28002
CVE-2021-28002 affects Textpattern CMS (version around 4.9.0) where the Excerpt parameter is vulnerable to persistent cross-site scripting. The issue is triggered when users visit the Articles page and a crafted payload in the URL field can allow an attacker to execute arbitrary code in the conte...