NuytsTech Security

CVE-2020-35437

by ·

Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.

Date published : 2020-12-25

http://packetstormsecurity.com/files/160783/Subrion-CMS-4.2.1-Cross-Site-Scripting.html

https://github.com/intelliants/subrion/issues/880

Tags: