Lucene search
Veracode Vulnerability DatabaseVERACODE:7609HistoryOct 16, 2018 - 5:35 a.m.
Cross-site Scripting (XSS)
2018-10-1605:35:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
52.0%
alchemy_cms is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of the image filename, allowing persistent XSS attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| alchemy_cms | le | 3.2.1 | |
| alchemy_cms | le | 6.0.7 | |
| alchemy_cms | le | 3.2.1 | |
| alchemy_cms | le | 6.0.7 |
Related
osv
osv
AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
2022-05-14 01:57:26
nvd
nvd
CVE-2018-18307
2018-10-16 22:29:01
cve
cve
CVE-2018-18307
2018-10-16 22:29:01
cvelist
cvelist
CVE-2018-18307
2018-10-16 00:00:00
packetstorm
packetstorm
Alchemy CMS 4.1-Stable Cross Site Scripting
2018-10-14 00:00:00
prion
prion
Cross site scripting
2018-10-16 22:29:00
github
github
AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
2022-05-14 01:57:26