3 matches found
EUVD-2024-55342
Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into user profile fields. Attackers can input script payloads in the first name field that will execute when the profile is viewed by other users, potentially...
CVE-2024-58289
Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into user profile fields. Attackers can input script payloads in the first name field that will execute when the profile is viewed by other users, potentially...
PT-2025-50743
Name of the Vulnerable Software and Affected Versions Microweber version 2.0.15 Description The software contains a stored cross-site scripting issue that allows authenticated attackers to inject malicious scripts into user profile fields. Specifically, attackers can input script payloads into th...