1 matches found
CVE-2022-46889
A persistent cross-site scripting XSS vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php...