EPSS
Percentile
50.9%
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
packetstormsecurity.com/files/160783/Subrion-CMS-4.2.1-Cross-Site-Scripting.html
github.com/intelliants/subrion/issues/880