A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling.
CPE | Name | Operator | Version |
---|---|---|---|
thirty_bees | lt | 1.5.0 |