First published: Tue Dec 04 2018(Updated: )
`panel/uploads/#elf_l1_XA` in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/intelliants/subrion | <=4.2.1 | |
Intelliants Subrion CMS | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-16629.
The title of this vulnerability is 'panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.'
The affected software is Subrion CMS v4.2.1.
The severity of CVE-2018-16629 is medium, with a severity value of 4.8.
To fix CVE-2018-16629, it is recommended to update Subrion CMS to the latest version available.