CVE-2018-19289

2018-11-1506:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

37.2%

JSON

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.

References

github.com/xCss/Valine/issues/127