FUEL-CMS

FUEL-CMS copied to clipboard

On https://www.getfuelcms.com/support: This link for `Get in touch` leads to https://www.getfuelcms.com/forums/categories/feature-requests which is 404 at the moment. The correct link seems to be https://forum.getfuelcms.com/categories/feature-requests Maybe a link to either https://github.com/daylightstudio/FUEL-CMS/issues...

olivierlacan

HTML Injection Issue

2

A HTML Injection issue is affecting the application. STEP 1:  STEP 2: 

74616e696d

Security Policy: add security configuration

1

noraj

add link to install steps

2

noraj

It would be nice to have a docker container with a docker compose to deploy the application easily. ## Related discussions - https://forum.getfuelcms.com/discussion/3168/setting-fuel-cms-up-in-docker

noraj

Create SECURITY.md

1

Hello 👋 I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@ambientl) has found a potential issue, which I would be eager to share with...

JamieSlome

A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS-1.5.1 that allows an authenticated user authorized to upload a malicious .pdf file which acts as a stored XSS payload. If this...

GiDunPar

Windows Defender Threat in MY_string_helper.php

1

Windows defender is seeing this file as Backdoor:Win32/Dirtelti!ml Not sure what part of the PHP code is causing it, but it's problematic.

harkus

A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS-1.5.1 that allows an authenticated user authorized to upload a malicious .svg file which acts as a stored XSS payload. If this...

able403

CSRF POC:  Affected Module 

warmachine-57