Lucene search
PRIOn knowledge basePRION:CVE-2018-5479HistoryJan 15, 2018 - 4:29 p.m.
Design/Logic Flaw
2018-01-1516:29:00
PRIOn knowledge base
www.prio-n.com
1
0.001 Low
EPSS
Percentile
45.5%
FoxSash ImgHosting 1.5 (according to footer information) is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it’s possible for attackers to steal sessions of users and thus admin(s). By sending users an infected URL, code will be executed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| imghosting | eq | 1.5 |
References
Related
nvd
nvd
CVE-2018-5479
2018-01-15 16:29:00
cve
cve
CVE-2018-5479
2018-01-15 16:29:00
cvelist
cvelist
CVE-2018-5479
2018-01-15 16:00:00
zdt
zdt
ImgHosting 1.5 - Cross-Site Scripting Vulnerability
2018-01-15 00:00:00
packetstorm
packetstorm
ImgHosting 1.5 Cross Site Scripting
2018-01-15 00:00:00
exploitpack
exploitpack
ImgHosting 1.5 - Cross-Site Scripting
2018-01-15 00:00:00
exploitdb
exploitdb
ImgHosting 1.5 - Cross-Site Scripting
2018-01-15 00:00:00