2 matches found
CVE-2018-11227
Monstra CMS 3.0.4 and earlier has XSS via index.php...
CVE-2018-11227
Summary (CVE-2018-11227) : Monstra CMS ≤3.0.4 is affected by a Cross‑Site Scripting (XSS) vulnerability via index.php. An attacker can inject arbitrary script in the browser of users visiting the affected site, potentially stealing cookie‑based authentication credentials and enabling further brow...