CVE-2019-17535

CVSS 9.3 CRITICALEPSS 2.0%

Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647.

CVSS:3.0/AC:L/AV:N/A:N/C:H/I:H/PR:N/S:C/UI:R

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/GilaCMS/gila/pull/48 https://rastating.github.io/gila-cms-reflected-xss/