Medium severity4.8NVD Advisory· Published Feb 24, 2018· Updated Jun 17, 2026
CVE-2018-7447
CVE-2018-7447
Description
mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. The 'Title' and 'Subtitle' fields of the 'Blog' page are vulnerable. NOTE: The software maintainer disputes this as a vulnerability because the fields claimed to be vulnerable to XSS are only available to administrators who are supposed to have access to add scripts
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2.6.0.0
Patches
Vulnerability mechanics
References
2- github.com/i7MEDIA/mojoportal/issues/82nvdPatchThird Party Advisory
- www.securityfocus.com/bid/103263nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.