A persistent cross-site scripting vulnerability exists in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote malicious users to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Articles' page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
textpattern textpattern 4.9.0 |