Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jojocms jojo-cms |
||
jojocms jojo-cms 1.1 |
||
jojocms jojo-cms 1.2 |