Unrated severityOSV Advisory· Published Oct 24, 2018· Updated Aug 5, 2024

CVE-2018-18635

Description

www/guis/admin/application/controllers/UserController.php in the administration login interface in MailCleaner CE 2018.08 and 2018.09 allows XSS via the admin/login/user/message/ PATH_INFO.

Affected products

Mailcleaner/MailcleanerOSV

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/MailCleaner/MailCleaner/commit/5f90a52785672fc688c1f85e472e84b8a0d008d8mitrex_refsource_MISC
github.com/MailCleaner/MailCleaner/issues/53mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000