CVE-2011-5303

2022-10-0316:15:12

mitre

www.cve.org

cross-site scripting

spitfire cms

remote attackers

injection

web script

html

cms username cookie

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.7%

JSON

Cross-site scripting (XSS) vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cms_username cookie.

References

www.htbridge.com/advisory/HTB22903