CrafterCMS Engine – Cross-Site Scripting

Main / CrafterCMS Engine – Cross-Site Scripting

Discription

CrafterCMS Engine is vulnerable to reflected cross-site scripting (XSS) via the transformerName parameter in the /api/1/site/url/transform endpoint, allowing attackers to execute arbitrary JavaScript in the context of the…Read More

References

Back to Main

Subscribe for the latest news: