CVE-2018-18553: XSS
First published: Mon Oct 22 2018(Updated: )
Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Leanote Leanote | =2.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Leanote?
The vulnerability ID of Leanote is CVE-2018-18553.
What is the severity of CVE-2018-18553?
The severity of CVE-2018-18553 is medium.
What is the affected software version of CVE-2018-18553?
The affected software version of CVE-2018-18553 is Leanote 2.6.1.
How does the XSS vulnerability in Leanote occur?
The XSS vulnerability in Leanote occurs via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.
Is there any fix available for CVE-2018-18553?
Yes, a fix is available for CVE-2018-18553. Please refer to the provided reference for more information.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/leanote
- canonical/leanote leanote
- version/leanote leanote/2.6.1