rogboyce
commented
3 years ago Thanks, it's good to be made aware of these things in time so we can do something about it.
Open shino-337 opened 4 years ago
rogboyce
commented
3 years ago Thanks, it's good to be made aware of these things in time so we can do something about it.
I found the new version 5.0.3 of Impresspages CMS using easyXDM, but it is the old version and has some DOM XSS bug on location.href in file "/Ip/Internal/Core/assets/js/easyXDM/name.html" line 1450. The information of this vulnerability here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1403 The fixed bug commit from easyXDM: https://github.com/oyvindkinsey/easyXDM/commit/a3194d32c25a0d27a10a47304eb9c9be93ffbf13#diff-6489956f1e1f52236929b4d33cbeb2db