3 matches found
MainWP: Reflected XSS in "Manage Tags" Notes Field
A reflected Cross-Site Scripting XSS vulnerability was discovered in the "Notes" input field under the Manage Tags section. Arbitrary input entered into this field was reflected back and executed immediately upon saving, due to the lack of proper input sanitization and output encoding...
HTML Injection vulnerability in create tag functionality
Vulnerability Details In the Microweber CMS, While doing a live edit on to the application, we have the option to create a new global tag in the application. While creating a global tag, the "Tag Name" input field doesn't properly get sanitized and it's vulnerable to HTML Injection vulnerability...
Cross-site Scripting (XSS) - Stored in microweber/microweber
Description There is a reflected XSS in creating and searching tag function . where any user can execute any malicious code results in the cookie stealing or Account takeover vulnerability Steps to Produce: Go to this particular URL URL Click on live edit , Now In the tag section and select the...