CVE-2022-33009
Published
CVSS v3
4.8
MEDIUM
CVSS v2
3.5
LOW
Affected
1
PROJECT
Description
A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.
LightCMS 是一个基于 Laravel 开发的轻量级 CMS 系统,也可以作为一个通用的后台管理框架使用。A lightweight cms/admin framework powered by Laravel.
GitHub