CVE-2018-15199

AuraCMS 2.3 allows XSS via a Bukutamu - AddGuestbook action...

CVE-2018-15199

AuraCMS 2.3 allows XSS via a Bukutamu - AddGuestbook action...

CVE-2018-15199

CVE-2018-15199 affects AuraCMS 2.3. The vulnerability is a Cross-Site Scripting (XSS) flaw triggered via the Bukutamu → AddGuestbook action, allowing injection of arbitrary scripts. Exploitation details are not provided in the documents; CVSS metrics indicate a low/medium severity (CVSS v2 base 3...