CVE-2018-16233: XSS
First published: Thu Aug 30 2018(Updated: )
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 1234n Minicms | =1.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is MiniCMS V1.10?
MiniCMS V1.10 is a version of the MiniCMS content management system.
What is the vulnerability in MiniCMS V1.10?
The vulnerability in MiniCMS V1.10 is XSS (Cross-Site Scripting) via the mc-admin/post-edit.php tags parameter.
What is XSS (Cross-Site Scripting)?
XSS (Cross-Site Scripting) is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.
What is the severity of CVE-2018-16233?
The severity of CVE-2018-16233 is medium with a CVSS score of 6.1.
How can I fix the XSS vulnerability in MiniCMS V1.10?
To fix the XSS vulnerability in MiniCMS V1.10, it is recommended to update to the latest version of the software or apply the necessary patches provided by the vendor.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/1234n
- canonical/1234n minicms
- version/1234n minicms/1.10