Page 3 of 21 results (0.004 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8606
https://notcve.org/view.php?id=CVE-2015-8606
13 Apr 2016 — Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.x before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Locale or (2) FailedLoginCount parameter to admin/security/EditForm/field/Members/item/new/ItemEditForm. Múltiples vulnerabilidades de XSS en SilverStripe CMS & Framework en versiones anteriores a 3.1.16 y 3.2.x en versiones anteriores a 3.2.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML a... • http://seclists.org/fulldisclosure/2015/Dec/55 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •