First published: Tue Aug 21 2018(Updated: )
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Victor Cms Project Victor Cms | <=2018-05-10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-15603 is a vulnerability in Victor CMS through 2018-05-10 that allows XSS via the Author field of the "Leave a Comment" screen.
CVE-2018-15603 has a severity value of 6.1, which is considered medium.
To fix CVE-2018-15603, update Victor CMS to a version beyond 2018-05-10 that addresses the XSS vulnerability.
You can find more information about CVE-2018-15603 on the GitHub issue page: [https://github.com/VictorAlagwu/CMSsite/issues/2](https://github.com/VictorAlagwu/CMSsite/issues/2)
The CWE for CVE-2018-15603 is CWE-79, which is Cross-Site Scripting (XSS).