Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords.
- http://packetstormsecurity.com/files/161562/LightCMS-1.3.4-Cross-Site-Scripting.html
- https://www.exploit-db.com/exploits/49598
- https://github.com/ARPSyndicate/cvemon
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/tzwlhack/Vulnerability