CVE-2021-37502

Description

Cross Site Scripting (XSS) vulnerability in automad 1.7.5 allows remote attackers to run arbitrary code via the user name field when adding a user.

Affected packages (1)

• Packagist/automad/automadfrom 0, < 1.8.0

CVSS scores

References (2)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-37502
• WEBhttps://github.com/marcantondahmen/automad/issues/29