Microweber CMS prior to version 2.0.3 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
{ "github_reviewed_at": "2023-11-08T19:15:30Z", "cwe_ids": [ "CWE-79" ], "nvd_published_at": "2023-11-08T17:15:07Z", "severity": "MODERATE", "github_reviewed": true }