Lucene search
Veracode Vulnerability DatabaseVERACODE:37971HistoryNov 10, 2022 - 3:28 a.m.
Cross-Site Scripting (XSS)
2022-11-1003:28:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
intelliants/subrion
cross-site scripting
admin-controllable input
_assignvalues function
fields.php
tooltip text field
EPSS
0.001
Percentile
40.2%
intelliants/subrion is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization in admin-controllable input caused by the _assignValues function of fields.php, which allows an attacker to inject and execute malicious HTML and script code into the web site via the tooltip text field.
Related
prion
prion
Cross site scripting
2022-11-09 16:15:00
github
github
Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
2022-11-09 19:02:23
osv
osv
CVE-2022-43121
2022-11-09 16:15:18
Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
2022-11-09 19:02:23
nvd
nvd
CVE-2022-43121
2022-11-09 16:15:18
cvelist
cvelist
CVE-2022-43121
2022-11-09 00:00:00
cve
cve
CVE-2022-43121
2022-11-09 16:15:18