Количество 2
Количество 2
CVE-2018-18307
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized."
GHSA-7mj4-2984-955f
Withdrawn Advisory: AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-18307 A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized." | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
| GHSA-7mj4-2984-955f Withdrawn Advisory: AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field | CVSS3: 5.9 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу