Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution prior to 5.2.1 allows remote malicious users to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
b2evolution b2evolution |