3 matches found
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
Subrion CMS v4.2.1 has an XSS in the CMS Field Add page, allowing arbitrary script/HTML via the tooltip text field. Root cause cited as insufficient sanitization in admin-controllable input (notably in fields.php: _assignValues). CVSS 3.1 base score 6.1 (NETWORK, LOW attack complexity, USER inter...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...