CVE-2021-41948

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/intelliants/subrion

Identifiers

CVE-2021-41948, GHSA-jv64-2m3x-6v4q

Package Slug

packagist/intelliants/subrion

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects".

Affected Versions

All versions up to 4.2.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-05-05

source