Rubysec

Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at rubysec.com

Advisory Archive

Back

---
gem: radiant
date: 2018-02-19
url: https://github.com/radiant/radiant/issues/412
cve: 2018-7261
title: Multiple persistent XSS vulnerabilities in Radiant CMS
description: |
  There are multiple Persistent XSS vulnerabilities in Radiant CMS.
  They affect Personal Preferences (Name and Username) and Configuration (Site Title,
  Dev Site Domain, Page Parts, and Page Fields).
cvss_v2: '3.5'
cvss_v3: '5.4'