Vulnerability CVE-2022-30982


Published: 2022-07-17   Modified: 2022-07-18

Description:
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username.

See advisories in our WLB2 database:
Topic
Author
Date
High
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Gerhard Hechenbe...
20.06.2022

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilies-in-gentics-cms/

Copyright 2024, cxsecurity.com

 

Back to Top