Cmsgroovel
1 CVEs
product
Monthly
groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php (path parameter). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
XSS
PHP
Cmsgroovel
NVD
GitHub
CVSS 3.0
6.1
EPSS
0.4%
EPSS 0%
CVSS 6.1
MEDIUM
POC
PATCH
This Month
groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php (path parameter). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
XSS
PHP
Cmsgroovel
NVD
GitHub