CVE-2020-28124

Cross-site Scripting in packagist/lavalite/cms

Identifier

CVE-2020-28124

Package Slug

packagist/lavalite/cms

Vulnerability

Cross-site Scripting

Description

LavaLite is vulnerable to Cross Site Scripting (XSS) via the Address field.

Affected Versions

Version 5.8.0

Solution

Upgrade to version 7.0.1 or above.

Last Modified

2021-04-21

source