First published: Tue Jul 23 2019(Updated: )
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gnuboard Gnuboard5 | =5.3.1.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-18676 is a vulnerability in GNUBOARD5 5.3.1.9 that allows remote attackers to inject arbitrary web script or HTML.
CVE-2018-18676 has a severity rating of 6.1, which is considered medium.
The affected software version is GNUBOARD5 5.3.1.9.
The vulnerability in GNUBOARD5 5.3.1.9 can be exploited by injecting arbitrary web script or HTML via the "mobile board tail contents" parameter.
To fix CVE-2018-18676, update GNUBOARD5 to version 5.3.2.0 or later.