EPSS
Percentile
24.8%
forkcms/forkcms is vulnerable to cross-site scripting attacks. The vulnerability exists because the ‘Displayname’ input field in ‘Profiles’ module is not properly encoded, which allows a malicious attacker to inject and execute arbitrary javascript.
github.com/forkcms/forkcms/commit/6ec6171206a7507a39695edc8bbd1b97ef1041c6
github.com/forkcms/forkcms/pull/3073
www.vulnerability-lab.com/get_content.php?id=2208