2 matches found
CVE-2018-17026
admin/index.php in Monstra CMS 3.0.4 allows XSS via the pagemetatitle parameter in an editpage&name=error404 action, a different vulnerability than CVE-2018-10121...
CVE-2018-17026
CVE-2018-17026 concerns Monstra CMS 3.0.4, where several sources describe a cross-site scripting vulnerability in admin/index.php via the page_meta_title parameter within the edit_page&name=error404 flow. Red Hat’s entry (RH:CVE-2018-17026) specifies a stored XSS vulnerability when an editor with...