Stored XSS Vulnerability in ClipperCMS 1.3.3 Site Name Field
CVE-2018-11332 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file.
Learn more about our Web App Pen Testing.