CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5811 – flusity CMS posts.php loadPostAddForm cross site scripting
https://notcve.org/view.php?id=CVE-2023-5811
27 Oct 2023 — A vulnerability, which was classified as problematic, was found in flusity CMS. Affected is the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument menu_id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/flusity/flusity-CMS/commit/6943991c62ed87c7a57989a0cb7077316127def8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5810 – flusity CMS posts.php loadPostAddForm cross site scripting
https://notcve.org/view.php?id=CVE-2023-5810
27 Oct 2023 — A vulnerability, which was classified as problematic, has been found in flusity CMS. This issue affects the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument edit_post_id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/flusity/flusity-CMS/commit/6943991c62ed87c7a57989a0cb7077316127def8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •