RSS   Vulnerabilities for 'Engineercms'   RSS

2021-07-30
 
CVE-2021-36605

CWE-79
 

 
engineercms 1.03 is vulnerable to Cross Site Scripting (XSS). There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser.

 


Copyright 2024, cxsecurity.com

 

Back to Top