Medium severity4.8OSV Advisory· Published May 21, 2018· Updated Jun 17, 2026
CVE-2018-11330
CVE-2018-11330
Description
An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976envdPatchThird Party Advisory
- github.com/pluck-cms/pluck/issues/58nvdIssue TrackingPatchThird Party Advisory
News mentions
0No linked articles in our index yet.