CVE-2023-29847

Published
View on NVD ↗
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via a crafted payload.

MegaTKC/AeroCMS
MegaTKC/AeroCMSUNAVAILABLE
Aero is a simple and easy to use CMS (Content Management System) designed to create fast and powerful web applications!
GitHubGitHub
24