First published: Wed Nov 09 2022(Updated: )
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion CMS | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this cross-site scripting (XSS) vulnerability is CVE-2022-43121.
The affected software for this vulnerability is Intelliants Subrion CMS v4.2.1.
The severity level of CVE-2022-43121 is medium (6.1).
Attackers can execute arbitrary web scripts or HTML through a crafted payload injected into the tooltip text field on the CMS Field Add page of Intelliants Subrion CMS v4.2.1.
Yes, you can refer to the following link for additional information: https://github.com/intelliants/subrion/issues/895.