CVE-2020-13870
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.
Date published : 2020-06-05
https://github.com/verbb/comments/blob/craft-3/CHANGELOG.md#155—2020-05-28-critical
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.
Date published : 2020-06-05
https://github.com/verbb/comments/blob/craft-3/CHANGELOG.md#155—2020-05-28-critical