Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS 4.7.15 up to and including 4.7.16-dev4 allows remote malicious users to run arbitrary code via upload of crafted html file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pluck-cms pluck 4.7.16 |
||
pluck-cms pluck |