CVE-2022-38295

Published September 12th, 2022

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /table_manager/view/cu_user_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function.

CuppaCMS/CuppaCMS

Cuppa is a project open source, that seeks offer a adaptable CMS to any project (news or exist developments, web, desktop or mobile project) that don't have a Content Manager System and need implement one without realize heavy migration processes, nor take hours learning new, complex structures and methodologies.

GitHub