First published: Fri Jul 20 2018(Updated: )
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Metinfo Metinfo | =6.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-14419 is a vulnerability in MetInfo 6.0.0 that allows cross-site scripting (XSS) attacks via a modified name of the navigation bar on the home page.
CVE-2018-14419 has a severity rating of medium, with a CVSS score of 4.8.
CVE-2018-14419 affects MetInfo 6.0.0, allowing attackers to perform XSS attacks by modifying the name of the navigation bar on the home page.
At the moment, there is no official fix available for CVE-2018-14419. It is recommended to apply security best practices and measures to mitigate the risk.
Yes, you can find more information and a proof-of-concept demonstration for CVE-2018-14419 in the GitHub repository linked [here](https://github.com/AvaterXXX/Metinfo---XSS/blob/master/test).