3 matches found
Microweber <1.2.12 - Stored Cross-Site Scripting
Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability. It allows unrestricted upload of XML files,. id: CVE-2022-0963 info: name: Microweber 1.2.12 - Stored Cross-Site Scripting author: amit-jd severity: medium description: | Microweber prior to 1.2.12 contains a stored...
CVE-2022-0963
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12...
CVE-2022-0963
Summary: Microweber prior to 1.2.12 has a stored XSS vulnerability caused by unrestricted XML file uploads. If an attacker can upload XML files, payloads may execute when users access the uploaded files. Affected software: Microweber CMS (GitHub microweber/microweber) versions before 1.2.12. Root...