Symphony CMS is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary webscript in the URL through the sort parameters in system/authors
.
CPE | Name | Operator | Version |
---|---|---|---|
symphonycms/symphony-2 | le | 2.6.2 | |
symphonycms/symphony-2 | le | 2.6.2 |