gilacms/gila is vulnerable to cross-site scripting (XSS). The attack exists because the admin/content/postcategory
id parameter is not sanitized properly for g_preview_theme
.
CPE | Name | Operator | Version |
---|---|---|---|
gilacms/gila | le | 1.11.5 | |
gilacms/gila | le | 1.11.5 |