CVE-2019-8410

2019-02-27T17:29:00
ID CVE-2019-8410
Type cve
Reporter cve@mitre.org
Modified 2019-02-27T18:55:00

Description

Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter because template/paody/html/vod_type.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the t_name parameter (not t_key).