CVE-2018-18824

WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/filemanager/browse/...

CVE-2018-18824

WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/filemanager/browse/...

CVE-2019-10646

Wolf CMS v0.8.3.1 is affected by cross site scripting XSS in the module Add Snippet /?/admin/snippet/add. This allows an attacker to insert arbitrary JavaScript as user input, which will be executed whenever the affected snippet is loaded...

CVE-2019-10646

Wolf CMS v0.8.3.1 is affected by cross site scripting XSS in the module Add Snippet /?/admin/snippet/add. This allows an attacker to insert arbitrary JavaScript as user input, which will be executed whenever the affected snippet is loaded...

CVE-2019-10646

Wolf CMS v0.8.3.1 is affected by cross site scripting XSS in the module Add Snippet /?/admin/snippet/add. This allows an attacker to insert arbitrary JavaScript as user input, which will be executed whenever the affected snippet is loaded...

CVE-2019-10646

CVE-2019-10646 affects Wolf CMS v0.8.3.1 with a reflected/stored XSS in the Add Snippet module (/?/admin/snippet/add). An attacker can inject arbitrary JavaScript as user input, which executes when the affected snippet loads. This vulnerability is confirmed by multiple sources in the connected do...

CVE-2018-1000087

CVE-2018-1000087 – WolfCMS 0.8.3.1 has a reflected cross-site scripting vulnerability in the input boxes for “Create New File” and “Create New Directory” on the File tab. According to the connected sources, unsanitized input reflects back in the browser, enabling an attacker to inject JavaScript....