Fork CMS versions 3.2.7 and 3.2.6 suffer from multiple cross site scripting vulnerabilities when parsing user input to several parameters in different scripts, via POST and GET methods. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.
87d720305c55d72a3967b0136aa44ba244c9cea9ae38e3e4a86188a755922947