CVE-2013-7474

CVE-2013-7474

EPSS 0.8%

Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://zeroscience.mk/blog/07/2013/windu-cms-2-2-multiple-stored-xss-and-csrf-vulnerabilities/