Cross-Site Scripting Vulnerability in Subrion CMS 4.2.1

CVE-2019-7356

What is CVE-2019-7356?

Subrion CMS version 4.2.1 is susceptible to a cross-site scripting (XSS) vulnerability, which can be exploited through the panel/phrases/ VALUE parameter. This flaw allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to session hijacking, data theft, or unauthorized actions on behalf of the users. It is critical for users and administrators of Subrion CMS to apply the necessary updates and implement proper validation measures to mitigate this security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References