Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lavalite lavalite 5.8.0 |