CVE-2024-32743

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module...

WonderCMS 安全漏洞

WonderCMS is an open source PHP-based content management system CMS. A security vulnerability exists in WonderCMS version v3.4.3, which originates from a cross-site scripting XSS vulnerability in the Settings section. An attacker can exploit this vulnerability to execute arbitrary web script or...

CVE-2024-32743

CVE-2024-32743 affects WonderCMS v3.4.3. A cross-site scripting (XSS) vulnerability exists in the Settings section via the SITE LANGUAGE CONFIG parameter under the Security module, allowing an attacker to execute arbitrary web scripts or HTML. Root cause is improper handling of input in the Setti...

PT-2024-24821 · Wondercms · Wondercms

Name of the Vulnerable Software and Affected Versions: WonderCMS version 3.4.3 Description: A cross-site scripting XSS vulnerability in the Settings section allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the...

Cross site scripting

An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page...

WeaselCMS Cross-Site Scripting Vulnerability

WeaselCMS is a lightweight content management system CMS written in PHP. A cross-site scripting vulnerability exists in WeaselCMS version 0.3.5. A remote attacker can exploit this vulnerability to execute JavaScript code via the Site Language, Site Title, Site Description, and Site Keywords field...