GHSA-rh4r-9689-6xw4, CVE-2022-37059
packagist/intelliants/subrion
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field
All versions up to 4.2.1
Unfortunately, there is no solution available yet.
2022-09-19
source |