VYPR
Unrated severityNVD Advisory· Published Feb 3, 2022· Updated Aug 3, 2024

CVE-2022-23871

CVE-2022-23871

Description

Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters.

Affected products

2
  • Gibbon/CMSdescription
  • Ilch/CMSllm-fuzzy
    Range: 22.0.01

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.