A cross-site scripting vulnerability exists in the Comments parameter in Textpattern CMS 4.8.4 which allows remote malicious users to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting site.com/articles/welcome-to-your-site#comments-head.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
textpattern textpattern 4.8.4 |