Fork CMS v5.8.0 - Multiple Persistent Web Vulnerbilities

vendor:

Fork CMS

by:

Vulnerability Laboratory

5.3

CVSS

MEDIUM

Cross Site Scripting - Persistent

CWE

Product Name: Fork CMS

Affected Version From: Fork CMS v5.8.0

Affected Version To: Fork CMS v5.8.0

Patch Exists: NO

Related CWE: N/A

CPE: a:fork_cms:fork_cms

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Web-Application

2020

The vulnerability laboratory core research team discovered multiple persistent web vulnerabilities in the official Fork CMS v5.8.0.

Restricted authentication (user/moderator) - User privileges

Source