2 matches found
CVE-2022-35590
A cross-site scripting XSS issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the "enddate" Parameter...
CVE-2022-35590
ForkCMS 5.9.3 contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript via the end_date parameter due to insufficient input sanitization. This affects ForkCMS and is documented across multiple sources (including Red Hat and Veracode references). The is...