← All advisories

Unrated severityOSV Advisory· Published Oct 22, 2018· Updated Aug 5, 2024

CVE-2018-18553

CVE-2018-18553

Description

Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.

Affected products

2

Leanote/LeanoteOSV2 versions
0.1, 0.2, 0.3, …+ 1 more
- (no CPE)range: 0.1, 0.2, 0.3, …
- (no CPE)range: = 2.6.1

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

github.com/leanote/leanote/issues/822mitrex_refsource_MISC

News mentions

0

No linked articles in our index yet.