A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the end_date
Parameter. This issue was patched in version 5.11.0.
{ "nvd_published_at": "2022-08-12T16:15:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-08-18T19:08:36Z" }