CVE-2022-28599
CVE-2022-28599 affects FUEL-CMS 1.5.1. The vulnerability is a stored XSS where an authenticated user can upload a malicious .pdf file that acts as the payload; if an administrator triggers it, a stored XSS attack occurs. The provided documents do not specify a patch version or remediation steps. ...