search

boiteasite / cmsuno

An easy and clever tool to create one-page responsive websites
27 stars 8 forks source link

CMSUno v1.5.2 has a XSS vulnerability in title. #7

Closed SunJ3t closed 6 years ago

SunJ3t commented 6 years ago 
A xss vulnerability was discovered in CMSUno v1.5.2.
There is a persistent XSS vulnerability in title[titre] if I use the payload <script>alert(1)</script>.

cmsuno1

cmsuno2

boiteasite commented 6 years ago

Hi,

Fixed with new update 1.5.3. Thanks for this report.

Regards

fgeek commented 3 years ago

CVE-2018-15567 has been assigned for this issue.