3 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to uplo...
CVE-2018-16358
A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...
CVE-2018-16358
CVE-2018-16358 is a cross-site scripting (XSS) vulnerability in Dotclear’s media manager (inc/core/class.dc.core.php) up to version 2.14.1. It allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml. The issue’s root cause is an XSS flaw i...