vendor:
Enterprise CMS
by:
Unknown
5.5
CVSS
MEDIUM
Cross-site scripting (XSS)
79
CWE
Product Name: Enterprise CMS
Affected Version From: 3
Affected Version To: 3
Patch Exists: NO
Related CWE:
CPE: a:enterprise_cms:enterprise_cms:3.0
Platforms Tested: Unknown
Unknown
Cross-site scripting vulnerability in Enterprise CMS
The vulnerability allows an attacker to inject arbitrary script code into the browser of a user visiting the affected site. This can lead to theft of authentication credentials and other attacks.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user-supplied input properly before processing it in the application.