GHSA-269j-37ww-cmh3MediumCVSS 4.8
Mezzanine CMS vulnerable to Cross-site Scripting
🔗 CVE IDs covered (1)
📋 Description
A cross-site scripting (XSS) vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a blog post.
🎯 Affected products1
- pip/Mezzanine:<= 6.1.0