Lucene search
Veracode Vulnerability DatabaseVERACODE:8074HistoryDec 26, 2018 - 1:27 a.m.
Cross-Site Scripting (XSS)
2018-12-2601:27:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.002 Low
EPSS
Percentile
58.5%
craftcms/cms is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser to steal session tokens or perform unwanted actions on behalf of the user via the title parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| craftcms/cms | le | 3.0.35 |
Related
packetstorm
packetstorm
Craft CMS 3.0.25 Cross Site Scripting
2018-12-25 00:00:00
exploitpack
exploitpack
Craft CMS 3.0.25 - Cross-Site Scripting
2018-12-27 00:00:00
github
github
Craft CMS Cross-site Scripting (XSS) Vulnerability
2022-05-14 01:20:01
zdt
zdt
Craft CMS 3.0.25 - Cross-Site Scripting Vulnerability
2018-12-27 00:00:00
cvelist
cvelist
CVE-2018-20418
2018-12-24 04:00:00
nvd
nvd
CVE-2018-20418
2018-12-24 04:29:00
osv
osv
Craft CMS Cross-site Scripting (XSS) Vulnerability
2022-05-14 01:20:01
CVE-2018-20418
2018-12-24 04:29:00
cve
cve
CVE-2018-20418
2018-12-24 04:29:00
prion
prion
Cross site scripting
2018-12-24 04:29:00
exploitdb
exploitdb
Craft CMS 3.0.25 - Cross-Site Scripting
2018-12-27 00:00:00