CVE-2019-13186: XSS
First published: Wed Jul 03 2019(Updated: )
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 1234n Minicms | =1.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for MiniCMS V1.10?
The vulnerability ID for MiniCMS V1.10 is CVE-2019-13186.
What is the severity of CVE-2019-13186?
The severity of CVE-2019-13186 is medium, with a severity value of 6.1.
Where was the stored XSS vulnerability found in MiniCMS V1.10?
The stored XSS vulnerability in MiniCMS V1.10 was found in mc-admin/post-edit.php via the tags box.
What can an attacker do with the stored XSS vulnerability in MiniCMS V1.10?
An attacker can use the stored XSS vulnerability in MiniCMS V1.10 to steal a user's cookie.
Is CVE-2019-13186 related to CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520?
No, CVE-2019-13186 is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- vendor/1234n
- canonical/1234n minicms
- version/1234n minicms/1.10