intelliants/subrion is vulnerable to cross-site scripting (XSS). An attacker can inject xss payload on the “payment gateway” column and save the entry to get it executed when a user visits the page.
CPE | Name | Operator | Version |
---|---|---|---|
intelliants/subrion | le | v4.2.1 |