EPSS
Percentile
21.4%
forkcms/forkcms is vulnerable to cross-site scripting(XSS) attacks. A remote attacker is able to inject and execute malicious javascript via the description of a new module due to the lack of validations.
github.com/forkcms/forkcms/commit/73ced08a613804773f2739b5e30027f7a4d9c293
github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e
github.com/forkcms/forkcms/pull/3499
huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba
huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba/