logo
DATABASE RESOURCES PRICING ABOUT US

Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting

Description

Stored Cross-Site Scripting vulnerabilities in Themify Portfolio Post <= 1.1.5 allow low-privileged users (Contributor+) to inject arbitrary Javascript code or HTML in posts where the Themify Custom Panel is embedded.


Related