mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
741 B
741 B
CVE-2021-25974
&color=brighgreen)
Description
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article.
POC
Reference
Github
No PoCs found on GitHub currently.