EPSS
Percentile
50.9%
intelliants/subrion is vulnerable to cross-site scripting (XSS). The vulnerability exists through the unsanitized values of the avatar[path] parameter.
avatar[path]
packetstormsecurity.com/files/160783/Subrion-CMS-4.2.1-Cross-Site-Scripting.html
github.com/intelliants/subrion/issues/880