/ 
Galileo-0.034
River stage zero No dependents
⭐ Starred 166 GitHub stars
Security Advisories (1)
CVE-2019-7410 (2020-08-14)

There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.ep (aka the PAGE TITLE Field).

Changes for version 0.034 - 2014-05-31

  • Improve compatibility with Mojolicious 5.0 (no bump required)
    • Bump Mojolicious::Plugin::Humane to 0.07
  • Fix typo in setup command (crab++)

Documentation

Galileo

Modules

Galileo
A simple modern CMS built on Mojolicious

Provides

Galileo::Admin
in lib/Galileo/Admin.pm
Galileo::Command::dump
in lib/Galileo/Command/dump.pm
Galileo::Command::setup
in lib/Galileo/Command/setup.pm
Galileo::DB::Deploy
in lib/Galileo/DB/Deploy.pm
Galileo::DB::Schema
in lib/Galileo/DB/Schema.pm
Galileo::DB::Schema::Result::Menu
in lib/Galileo/DB/Schema/Result/Menu.pm
Galileo::DB::Schema::Result::Page
in lib/Galileo/DB/Schema/Result/Page.pm
Galileo::DB::Schema::Result::User
in lib/Galileo/DB/Schema/Result/User.pm
Galileo::File
in lib/Galileo/File.pm
Galileo::Menu
in lib/Galileo/Menu.pm
Galileo::Page
in lib/Galileo/Page.pm
Galileo::Plugin::Modal
in lib/Galileo/Plugin/Modal.pm
Galileo::User
in lib/Galileo/User.pm

Other files