2 matches found
CVE-2018-0605
Pixelpost v1.7.3 and earlier is affected by a Cross‑site Scripting (CWE-79) vulnerability (CVE-2018-0605). The issue allows an unauthenticated remote attacker to inject arbitrary web script or HTML that could run in the context of an affected user’s browser. The connected sources consistently ide...
JVN#27978559: Multiple vulnerabilities in Pixelpost
Pixelpost provided by Pixelpost.org contains multiple vulnerabilities listed below. Arbitrary code execution - CVE-2018-0604 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L| Base Score: 4.7 CVSS v2| AV:N/AC:L/Au:S/C:P/I:P/A:P| Base Score: 6.5 Cross-site...