Medium severity4.8NVD Advisory· Published Jun 27, 2022· Updated Jun 17, 2026
CVE-2022-33009
CVE-2022-33009
Description
A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.
Affected products
2- LightCMS/LightCMSdescription
- Range: = 1.3.11
Patches
Vulnerability mechanics
References
2- github.com/eddy8/LightCMS/issues/30nvdExploitIssue TrackingThird Party Advisory
- lightcms.comnvdProduct
News mentions
0No linked articles in our index yet.