Lucene search
HistoryAug 24, 2022 - 8:15 p.m.
CVE-2018-14520
security
vulnerability
kirby 2.5.12
cve-2018-14520
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.2%
An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.
Affected configurations
Node
getkirbykirbyMatch2.5.12
| CPE | Name | Operator | Version |
|---|---|---|---|
| getkirby:kirby | getkirby kirby | eq | 2.5.12 |
References
Social References
More
Related
nvd
nvd
CVE-2018-14520
2022-08-24 20:15:08
prion
prion
Code injection
2022-08-24 20:15:00
osv
osv
CVE-2018-14520
2022-08-24 20:15:08
Kirby CMS 2.5.12 Cross-site Scripting
2022-08-25 00:00:25
github
github
Kirby CMS 2.5.12 Cross-site Scripting
2022-08-25 00:00:25
cvelist
cvelist
CVE-2018-14520
2022-08-24 19:43:07
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.2%
Related for CVE-2018-14520