Lucene search
Fork-cmsFork Cms
2 matches found
CVE-2014-9470
Cross-site scripting (XSS) vulnerability in the loadForm function in Frontend/Modules/Search/Actions/Index.php in Fork CMS before 3.8.4 allows remote attackers to inject arbitrary web script or HTML via the q_widget parameter to en/search.
6.1CVSS6AI score0.0087EPSS
CVE-2020-13633
Fork before 5.8.3 allows XSS via navigation_title or title.
6.1CVSS5.9AI score0.0024EPSS