CVE-2016-7149
Published
CVSS v3
N/A
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function.
b2evolution CMS: Multiblog/CMS content publishing + forums + email marketing + social network + more... b2evolution includes everything you need to run and maintain a modern website. Optimized for low maintenance with easy upgrades and effective antispam. Full RWD & bootstrap support.
GitHub