PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
pyrocms pyrocms 3.9 |
Vulmon