NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class
Impact NukeViet CMS , which are stored server-side and executed in the browser of any user who views the content. Who is impacted: - Administrators and moderators who view user-submitted content e.g., contact messages, comments, or any module using the Request class for HTML input. - The Contact...