processwire is vulnerable to cross-site scripting. The vulnerability is due to lack of sanitization in the search users and search pages functions which allows an attacker to inject and execute arbitrary JavaScript.
CPE | Name | Operator | Version |
---|---|---|---|
processwire/processwire | le | 3.0.200 | |
processwire/processwire | le | 3.0.200 |