2 matches found
CVE-2022-45037
A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...
CVE-2022-45037
WBCE CMS v1.5.4 contains a stored cross-site scripting (XSS) vulnerability in /admin/users/index.php. The issue allows an attacker to inject arbitrary web scripts or HTML via the Display Name field, potentially leading to execution in pages viewed by other users. Nuclei templates label this as St...