2 matches found
CVE-2018-19598
Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request...
CVE-2018-19598
CVE-2018-19598 affects Statamic 2.10.3. A stored/reflected-like XSS exists via the First Name or Last Name fields in an ‘Add new user’ request to the /users URI. Public exploitation details are not provided in the provided documents. No remediation details are included here.