Latest Security News about tematres 3 0

Contact US For API Security>

TemaTres 3.0 has reflected XSS vuln

Overview : TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. Affected Product(s) : TemaTres 3.0 Vulnerability Details : CVE ID : CVE-2019-14344 The parameters “replace_string” and “search_string” POST request (XSS reflected) Solution : Upgrade to TemaTres 3.1 More information : https://github.com/zikula/core/commit/d6e6c283f18b3dcb7e92b46a7ad63fc7c7e112e2