4 matches found
CVE-2022-33009
A stored cross-site scripting XSS vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file...
Cross site scripting
A stored cross-site scripting XSS vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file...
CVE-2022-33009
A stored cross-site scripting XSS vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file...
CVE-2022-33009
LightCMS v1.3.11 has a stored XSS vulnerability exploitable by uploading a crafted PDF file. Root cause: insufficient validation of user-supplied data and output filtering. Impact is client-side script execution. Affected version: LightCMS 1.3.11. No remediation details are provided in the suppli...