Medium severity6.1OSV Advisory· Published Mar 27, 2019· Updated Jun 17, 2026
CVE-2018-15585
CVE-2018-15585
Description
Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13nvdPatchThird Party Advisory
- github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinform.phpnvdThird Party Advisory
- github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinformupdate.phpnvdThird Party Advisory
News mentions
0No linked articles in our index yet.