Lucene search
MitreCVELIST:CVE-2018-18087HistoryOct 09, 2018 - 8:00 p.m.
CVE-2018-18087
2018-10-0920:00:00
mitre
www.cve.org
3
EPSS
0.001
Percentile
20.7%
The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user who has the βManage portfolioβ privilege can inject arbitrary web script or HTML via the Image URL field in the portfolio editor. The vulnerability is triggered by visiting /portfolio/${project_title}.
Related
prion
prion
Code injection
2018-10-09 20:29:00
nvd
nvd
CVE-2018-18087
2018-10-09 20:29:00
osv
osv
CVE-2018-18087
2018-10-09 20:29:00
cve
cve
CVE-2018-18087
2018-10-09 20:29:00