Posted on Leave a comment

CVE-2018-20778

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element.

Leave a Reply

Your email address will not be published. Required fields are marked *