PT-2018-13550 · Mayan Edms · Mayan Edms

Lokesh1095

·

Publicado

2018-09-03

·

Atualizado

2018-10-30

·

CVE-2018-16407

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Mayan EDMS versions prior to 3.0.3
Description An issue was discovered in the Tags app, where tag label values are mishandled, leading to XSS.
Recommendations For versions prior to 3.0.3, update to version 3.0.3 or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-16407
GHSA-5H6M-9MVX-M6C5
PYSEC-2018-15

Produtos afetados

Mayan Edms