PT-2018-16808 · Radiant · Radiant Cms
Publicado
2018-01-04
·
Atualizado
2018-01-16
·
CVE-2018-5216
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Radiant CMS version 1.1.4
Description
The issue concerns crafted Markdown input that leads to XSS in the
part body content parameter of the "admin/pages/*/edit" resource.Recommendations
For Radiant CMS version 1.1.4, avoid using the
part body content parameter in the "admin/pages//edit" resource until a fix is available. As a temporary workaround, consider restricting access to the "admin/pages//edit" resource to minimize the risk of exploitation.Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Radiant Cms