Lucene search

K

MitreCVELIST:CVE-2018-14398

HistorySep 07, 2018 - 10:00 p.m.

CVE-2018-14398

2018-09-0722:00:00

mitre

www.cve.org

6

EPSS

0.001

Percentile

43.9%

An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials.

References

www.bishopfox.com/news/2018/08/cremecrm-1-6-12-multiple-vulnerabilities/

EPSS

0.001

Percentile

43.9%

Related for CVELIST:CVE-2018-14398

prion1 cve1 nvd1