Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22392
Reference (s):
- https://github.com/intelliants/subrion/issues/868