4 matches found
CVE-2021-28088
Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...
CVE-2021-28088
Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...
CVE-2021-28088
Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...
CVE-2021-28088
ImpressCMS 1.4.2 is affected by a Cross-site Scripting (XSS) vulnerability in modules/content/admin/content.php, exploitable via the Display Name field. The root cause described across sources is inadequate input filtering in the Display Name parameter, enabling an attacker to inject arbitrary we...