2 matches found
CVE-2022-1163
MineWebCMS (GitHub repo mineweb/minewebcms) 1.15.2 contains a stored Cross-site Scripting (XSS) vulnerability. The issue is triggered by input fields in the admin interface (e.g., Link Name and URL) that accept data from untrusted sources and later render it in pages, enabling script execution in...
CVE-2020-18693
The CVE-2020-18693 issue affects MineWebCMS v1.7.0, with a Cross Site Scripting (XSS) flaw in the Title field of the /admin/news component. The vulnerability is described as allowing remote attackers to execute arbitrary code by injecting malicious code into the Title field, indicating potential ...