First published: Tue Oct 09 2018(Updated: )
Navigate CMS has Stored XSS via the navigate.php Title field in an edit action.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Naviwebs Navigate CMS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-18029 is medium with a score of 5.4.
The affected software by CVE-2018-18029 is Naviwebs Navigate CMS.
CVE-2018-18029 vulnerability occurs due to Stored XSS via the navigate.php Title field in an edit action.
Yes, there are some references related to CVE-2018-18029 vulnerability. You can find them at the following URLs: - https://bitbucket.org/navigatecms/navigatecms/commits/586e67ce1c43d459f6b00221fb30be26fcbfb866 - https://bitbucket.org/navigatecms/navigatecms/issues/3/stored-xss-in-navigatecms
Yes, the Common Weakness Enumeration (CWE) associated with CVE-2018-18029 is CWE-79 (Cross-Site Scripting).