6 matches found
CVE-2022-35589
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...
Cross-site Scripting (XSS)
forkcms/forkcms is vulnerable to cross-site scripting attacks. The vulnerability exists because the SpoonLibrary does not properly handle uppercase characters, which allows remote authenticated attackers to inject and execute malicious javascript via the publishontime Parameter...
ForkCMS XSS via `publish_on_time` parameter
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the publishontime Parameter. This issue was patched in version 5.11.0...
CVE-2022-35589
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...
Cross site scripting
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...
Cross-site Scripting (XSS) - Generic in forkcms/forkcms
✍️ Description A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter 🕵️♂️ Proof of Concept Vulnerable Parameter: publishontime XSS payload: 17:59'"&%alert1 Steps to reproduce issue 1- Login to Fork admin panel 2-...