3 matches found
CVE-2022-45015
A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field...
CVE-2022-45015
A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field...
CVE-2022-45015
WBCE CMS v1.5.4 is affected by a cross-site scripting (XSS) vulnerability in the Search Settings module, exploitable via a crafted payload in the Results Footer field. The root cause is lack of proper filtering/escaping in user-supplied data in that field. Consequences stated include arbitrary we...