Vulnerability CVE-2023-29847


Published: 2023-04-14

Description:
AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via a crafted payload.

See advisories in our WLB2 database:
Topic
Author
Date
Low
AeroCMS v0.0.1 - Stored Cross-Site Scripting (XSS)
Rahad Chowdhury
21.04.2023

 References:
https://github.com/MegaTKC/AeroCMS/issues/11

Copyright 2024, cxsecurity.com

 

Back to Top