CVE-2018-18845

2019-03-21T16:00:00
ID CVE-2018-18845
Type cve
Reporter cve@mitre.org
Modified 2019-03-27T15:23:00

Description

internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. The product is discontinued.