2 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering of links in KirbyTags and image blocks in the site frontend when untrusted user input is processed. An attacker can execute arbitrary JavaScript code in the context of site visitors or logged-i...
PT-2026-44155
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.1 Kirby versions prior to 5.4.1 Description Kirby is an open-source content management system. A stored Cross-site scripting XSS issue exists where the system fails to filter malicious URL values that resolve to...