Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
lavalite lavalite 5.8.0 |
Vulmon