In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-10-02
Updated
2018-11-16
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.
Max CVSS
5.4
EPSS Score
0.06%
Published
2018-01-04
Updated
2018-01-16
2 vulnerabilities found