CVE-2023-43828

A Cross-site scripting XSS vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter...

Subrion Cross-Site Scripting Vulnerability

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into websites and supports a variety of extensions plug-ins and more. A cross-site scripting vulnerability exists in Subrion v4.2.1, which originates from a cross-site scripting XSS...

PT-2023-29004 · Subrion · Subrion

Name of the Vulnerable Software and Affected Versions: Subrion version 4.2.1 Description: A Cross-site scripting XSS issue exists in the /panel/languages/ endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Title parameter. This enables...