PT-2019-19255 · Wtcms · Wtcms
Assassins-White
·
Publicado
2019-02-18
·
Atualizado
2019-02-19
·
CVE-2019-8911
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
WTCMS version 1.0
Description
An issue was discovered that allows stored XSS via the third text box, which is used for the website statistics code.
Recommendations
For WTCMS version 1.0, consider disabling the third text box for website statistics code until a patch is available to prevent exploitation.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wtcms