Cross-Site Scripting Vulnerability in WebsiteBaker by WebsiteBaker
CVE-2015-0553

Currently unrated

Key Information:

Vendor: Websitebaker
Status: Websitebaker
Vendor: CVE Published:; 21 January 2015

🔔 Create Websitebaker Vulnerability Alert

What is CVE-2015-0553?

A Cross-Site Scripting (XSS) vulnerability exists in the administrative backend of WebsiteBaker version 2.8.3 SP3. This flaw allows remote attackers to inject arbitrary web scripts or HTML code through the 'page_id' parameter. Exploitation of this vulnerability may lead to a range of attacks, including unauthorized data access and manipulation, potentially compromising the security of the affected site.

References

http://packetstormsecurity.com/files/130008/CMS-Websiteba...

x_refsource_MISC

http://sroesemann.blogspot.de/2015/01/sroeadv-2015-03_4.html

x_refsource_MISC

https://twitter.com/sroesemann/status/555397239229911040

x_refsource_MISC

Timeline

Vulnerability published
Jan 21, 2015
Vulnerability Reserved
Jan 5, 2015

JSON