francoisjacquet/rosariosis is vulnerable to cross-site scripting. An attacker is able to inject malicious script via the xss_clean
function in classes/Security.php.
CPE | Name | Operator | Version |
---|---|---|---|
francoisjacquet/rosariosis | le | v5.7.6 | |
francoisjacquet/rosariosis | le | v5.7.6 |