3 matches found
CVE-2018-13065
ModSecurity 3.0.0 has XSS via an onerror attribute of an IMG element. NOTE: a third party has disputed this issue because it may only apply to environments without a Core Rule Set configured...
UBUNTU-CVE-2018-13065
DISPUTED ModSecurity 3.0.0 has XSS via an onerror attribute of an IMG element. NOTE: a third party has disputed this issue because it may only apply to environments without a Core Rule Set configured...
CVE-2018-13065
CVE-2018-13065 affects ModSecurity 3.0.0 with a Cross-Site Scripting issue: XSS via an IMG onError attribute. The core detail across connected sources is that an attacker could inject script through an onError on an IMG tag; some sources note a third party disputes applicability without a Core Ru...