2 matches found
Cross-site Scripting (XSS)
Overview @payloadcms/plugin-mcp is a MCP Model Context Protocol capabilities with Payload Affected versions of this package are vulnerable to Cross-site Scripting XSS in the admin panel when user-supplied content is saved in a collection with versions enabled. An attacker can execute arbitrary...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the admin panel when user-supplied content is saved in a collection with versions enabled. An attacker can execute arbitrary scripts in the context of another user's browser by submitting crafted input and...