Kirby 跨站脚本漏洞

Kirby is a file-based content management system CMS. A cross-site scripting vulnerability exists in Kirby versions 3.5.8.2 and earlier, 3.6.0 through 3.6.6.2, 3.7.0 through 3.7.5.1, 3.8.0 through 3.8.4, and 3.9.0 through 3.9.5, which can be exploited to allow an editor with write access to a Kirb...

PT-2023-26472

Name of the Vulnerable Software and Affected Versions Kirby versions prior to 3.5.8.3 Kirby versions prior to 3.6.6.3 Kirby versions prior to 3.7.5.2 Kirby versions prior to 3.8.4.1 Kirby versions prior to 3.9.6 Description The issue affects Kirby sites that allow file uploads from untrusted user...