We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
baserCMS 4.3.7 and earlier is affected by Cross Site Scripting (XSS).
Impact: XSS via Arbitrary script execution. Attack vector is: Administrator must be logged in. Tested baserCMS Version : 4.3.7(Latest)
payload: "><svg/onload=alert(1)><--xsstest
"><svg/onload=alert(1)><--xsstest
The text was updated successfully, but these errors were encountered:
@Aquilao Hi. Thank you for reporting.
I am sending you an email. Did you see it?
I will close this issue. I'm writing the reason in the email.
Sorry, something went wrong.
fix #1531 1532 1533 #1534 管理画面の文字列出力を改善
a99e67e
Merge pull request from GHSA-6fmv-q269-55cw
bb027c3
No branches or pull requests
baserCMS 4.3.7 and earlier is affected by Cross Site Scripting (XSS).
Impact: XSS via Arbitrary script execution.
Attack vector is: Administrator must be logged in.
Tested baserCMS Version : 4.3.7(Latest)
payload:
"><svg/onload=alert(1)><--xsstest
The text was updated successfully, but these errors were encountered: