Unrated severityNVD Advisory· Published Nov 11, 2018· Updated Sep 16, 2024
CVE-2018-19170
CVE-2018-19170
Description
In JPress v1.0-rc.5, there is stored XSS via each of the first three input fields to the starter-tomcat-1.0/admin/setting URI, as demonstrated by the web_name parameter.
Affected products
2= 1.0-rc.5+ 1 more
- (no CPE)range: = 1.0-rc.5
- (no CPE)range: = v1.0-rc.5
Patches
Vulnerability mechanics
References
1- github.com/JpressProjects/jpress/issues/89mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.