First published: Wed Nov 09 2022(Updated: )
A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion CMS | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-43120 is a cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1.
CVE-2022-43120 allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Field default value text field.
CVE-2022-43120 has a severity rating of 6.1, which is considered medium.
To fix CVE-2022-43120, upgrade to a version of Intelliants Subrion CMS that is not affected by this vulnerability.
You can find more information about CVE-2022-43120 at the following link: [https://github.com/intelliants/subrion/issues/894](https://github.com/intelliants/subrion/issues/894)