First published: Wed Nov 04 2020(Updated: )
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-7356 is a vulnerability in Subrion CMS v4.2.1 that allows for XSS attacks via the panel/phrases/VALUE parameter.
CVE-2019-7356 has a severity rating of 5.4, which is considered medium.
CVE-2019-7356 affects Subrion CMS v4.2.1 by enabling XSS attacks through the panel/phrases/VALUE parameter.
The CWE for CVE-2019-7356 is CWE-79, which is related to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
To fix CVE-2019-7356 in Subrion CMS v4.2.1, it is recommended to update to the latest version or apply the patches provided by the vendor.