Windu: Security Vulnerabilities
Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-01
Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-01