3 matches found
CVE-2018-16978
Monstra CMS V3.0.4 has XSS when ones tries to register an account with a crafted password parameter to users/registration, a different vulnerability than CVE-2018-11473...
CVE-2018-16978
Monstra CMS V3.0.4 has XSS when ones tries to register an account with a crafted password parameter to users/registration, a different vulnerability than CVE-2018-11473...
CVE-2018-16978
Monstra CMS 3.0.4 is affected by CVE-2018-16978, a Cross-Site Scripting (XSS) flaw in the registration form (users/registration) triggered by a crafted password parameter. Public references describe it as an XSS threat via the password field, enabling arbitrary script execution in the victim’s br...