An issue exists in nc-cms through 2017-03-10. index.php?action=edit_html allows XSS via the name parameter, as demonstrated by a value beginning with home_content and containing a crafted SRC attribute of an IMG element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nconsulting nc-cms |