Description
An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter.
Remediation
References
Related Vulnerabilities
Drupal Improper Input Validation Vulnerability (CVE-2014-5019)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
WordPress Plugin Click to Call or Chat Buttons Cross-Site Scripting (1.4.0)
WordPress Plugin Simple Dropbox Upload Arbitrary File Upload (1.8.8)