Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
9 lines (5 sloc) 254 Bytes

CVE-2018-5215

forkcms has XSS via the /private/en/pages/edit title parameter.

login to adminpage and edit pages. In title parameter input xss payload "><svg onload=alert(0)>,then save page edit there is xss vul in pages page