Lucene search
CVE-2018-13865
An XSS issue in idreamsoft iCMS 7.0.
Show more
| Reporter | Title | Published | Views | Family All 3 |
|---|---|---|---|---|
 | CVE-2018-13865 | 10 Jul 201820:00 | – | cvelist |
 | Design/Logic Flaw | 10 Jul 201820:29 | – | prion |
 | CVE-2018-13865 | 10 Jul 201820:29 | – | nvd |
Node
| Source | Link |
|---|---|
| github | www.github.com/idreamsoft/iCMS/issues/27 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| callback | query param | /public/api.php | Cross-Site Scripting (XSS) vulnerability via the callback parameter in the uploadpic request. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo10 Jul 2018 20:29Current
5.9Medium risk
Vulners AI Score5.9
CVSS24.3
CVSS36.1
EPSS0.00121