CrownZTX/storedXSS

Releases0

Geeklog v2.2.2 is vulnerable to Stored Cross-Site Scripting (XSS) in public_html/admin/router.php

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-37787 ↗	Jul 13, 2023Thursday, 13 July 2023, 17:15	4.8 MEDIUM	—
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.