Pluck is a content management system (CMS) developed using the PHP language. A cross-site scripting vulnerability exists in Pluck CMS version 4.7.18, which stems from unknown code in install.php in the component Installation Handler, resulting in cross-site scripting. An attacker can exploit this vulnerability to cause cross-site scripting.
CPE | Name | Operator | Version |
---|---|---|---|
pluck pluck cms | eq | 4.7.18 |