2 matches found
CVE-2021-41236
CVE-2021-41236 affects the OroPlatform PHP Business Application Platform. The vulnerability lies in the email template preview function, where an XSS payload placed in email template content can execute when a user previews the template. An attacker must have permission to create or edit an email...
CVE-2021-41236 XSS vulnerability in oro/platform
OroPlatform is a PHP Business Application Platform. In affected versions the email template preview is vulnerable to XSS payload added to email template content. An attacker must have permission to create or edit an email template. For successful payload, execution the attacked user must preview ...