CVE-2022-37059

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/intelliants/subrion

Identifiers

GHSA-rh4r-9689-6xw4, CVE-2022-37059

Package Slug

packagist/intelliants/subrion

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field

Affected Versions

All versions up to 4.2.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-19

source