Unrated severityOSV Advisory· Published Oct 16, 2018· Updated Aug 5, 2024
CVE-2018-18308
CVE-2018-18308
Description
In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24.0beta2, 4.2, 4.2.10, …+ 1 more
- (no CPE)range: 4.0beta2, 4.2, 4.2.10, …
- (no CPE)range: = 4.2.23
Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/45628/mitreexploitx_refsource_EXPLOIT-DB
- packetstormsecurity.com/files/149788/BigTree-CMS-4.2.23-Cross-Site-Scripting.htmlmitrex_refsource_MISC
- github.com/bigtreecms/BigTree-CMS/commit/ffd668a3aa7d2f540dbcdf5751f207302519df72mitrex_refsource_CONFIRM
- github.com/bigtreecms/BigTree-CMS/issues/356mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.