First published: Tue Oct 02 2018(Updated: )
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion | =4.2.1 | |
composer/intelliants/subrion | <=4.2.1 | |
=4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2018-15563.
The severity of CVE-2018-15563 is medium.
The vulnerability can be exploited via the titles[en] parameter in _core/admin/pages/add/ in Subrion CMS 4.2.1, allowing for XSS attacks.
The vulnerability affects Subrion CMS 4.2.1.
Yes, it is recommended to update to a patched version of Subrion CMS to fix CVE-2018-15563.