Lucene search
CVE-2018-16622
Multiple XSS vulnerabilities in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | CVE-2018-16622 | 6 Sep 201819:29 | – | nvd |
 | CVE-2018-16622 | 6 Sep 201819:29 | – | osv |
 | Cross site scripting | 6 Sep 201819:29 | – | prion |
 | CVE-2018-16622 | 6 Sep 201819:00 | – | cvelist |
| Source | Link |
|---|---|
| github | www.github.com/doramart/DoraCMS/issues/136 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| discription | request body | /api/content/addOne | Multiple XSS vulnerabilities allow injection of arbitrary scripts via discription and comments fields. | CWE-79 |
| comments | request body | /api/content/addOne | Multiple XSS vulnerabilities allow injection of arbitrary scripts via discription and comments fields. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo06 Sep 2018 19:29Current
5.4Medium risk
Vulners AI Score5.4
CVSS23.5
CVSS35.4
EPSS0.00058