CVE-2022-37721

Description

PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics