2 matches found
CVE-2018-12305
The provided connected sources confirm a Cross-site scripting vulnerability in ASUSTOR ADM 3.1.1 File Explorer. Specifically, uploading SVG images with embedded JavaScript allows an attacker to execute code. Affected product: ASUSTOR ADM (File Explorer component) version 3.1.1. Root cause: improp...
CVE-2018-12305
Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript by uploading SVG images with embedded JavaScript...