CVE-2022-24563: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(updated )
In Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the intro_title and intro_image parameters.
References
Detect and mitigate CVE-2022-24563 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →