PT-2018-15161 · Domainmod · Domainmod

Mohammed Abdul Kareem

Publicado

2018-12-06

Atualizado

2019-02-26

CVE-2018-19914

CVSS v3.1

4.8

Média

Vetor

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions DomainMOD versions prior to 4.12

Description The issue allows for XSS attacks via the Profile Name or notes field in the assets/add/dns.php file.

Recommendations For DomainMOD versions prior to 4.12, update to version 4.12 or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-19914

Domainmod