CVE-2019-13341: XSS
First published: Fri Jul 05 2019(Updated: )
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 1234n Minicms | =1.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-13341?
CVE-2019-13341 is a vulnerability found in MiniCMS V1.10 that allows for stored XSS in the comment box, potentially exposing a user's cookie.
How severe is CVE-2019-13341?
CVE-2019-13341 has a severity rating of 4.8, which is considered medium.
What software versions are affected by CVE-2019-13341?
MiniCMS V1.10 is the affected software version for CVE-2019-13341.
How can CVE-2019-13341 be exploited?
CVE-2019-13341 can be exploited by injecting malicious code into the comment box in mc-admin/conf.php, which can then be used to retrieve a user's cookie.
Is there a fix for CVE-2019-13341?
Currently, there is no known fix for CVE-2019-13341. It is recommended to update to a newer version of MiniCMS or apply any available patches or mitigations.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/1234n
- canonical/1234n minicms
- version/1234n minicms/1.10