3 matches found
CI4MS 跨站脚本漏洞
CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.2.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the failure to properly clean up user-controlled inputs in the system settings – company information section. A...
CVE-2023-33409
Minical 1.0.0 is vulnerable to Cross Site Request Forgery CSRF via minical/public/application/controllers/settings/company.php...
PT-2023-24335 · Minical · Minical
Name of the Vulnerable Software and Affected Versions: Minical version 1.0.0 Description: The issue is related to Cross Site Request Forgery CSRF via the minical/public/application/controllers/settings/company.php file. This means an attacker could potentially trick a user into performing...