2 matches found
CVE-2018-18670
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/configformupdate.php cf110 parameter...
CVE-2018-18670
CVE-2018-18670 affects GNUBOARD5 version 5.3.1.9, where an XSS vulnerability exists allowing remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter (also identified as the adm/config_form_update.php cf_1~10 parameter). The issue stems from insufficient validati...