Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulnerability, as it fails to validate user input. The affected components (index.php, upgrade.php) allow for JavaScript injection within both GET or POST requests, via a crafted URL or via the UpgradeMode POST parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-23T13:14:41
Updated: 2024-08-05T01:47:14.009Z
Reserved: 2019-10-21T00:00:00
Link: CVE-2019-18219
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-10-23T14:15:10.387
Modified: 2024-11-21T04:32:51.590
Link: CVE-2019-18219
Redhat
No data.