Medium severity6.1NVD Advisory· Published Aug 26, 2019· Updated Jun 17, 2026
CVE-2018-18668
CVE-2018-18668
Description
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GNUBOARD5/GNUBOARD5description
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.