CVE-2019-15228
N/A
N/A
Summary
FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.sevenlayers.com/index.php/237-fuelcms-1-4-4-xss
- https://github.com/daylightstudio/FUEL-CMS/issues/536
References
- https://www.sevenlayers.com/index.php/237-fuelcms-1-4-4-xss
- https://github.com/daylightstudio/FUEL-CMS/issues/536
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.