CVE-2022-38295
CVE-2022-38295 affects Cuppa CMS v1.0. The vulnerability is a cross-site scripting flaw in the Add New Group workflow, exploitable via a crafted payload in the Name field at /table_manager/view/cu_user_groups, allowing execution of arbitrary web scripts/HTML. Public docs identify the impact as ex...