hotarucms/hotarucms is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser by storing malicious Javascript code in the site_name
parameter. This CVE ID is related to CVE-2011-4709.
CPE | Name | Operator | Version |
---|---|---|---|
hotarucms/hotarucms | le | 1.7.2 |