CVE-2018-19906

Name of the Vulnerable Software and Affected Versions razorCMS version 3.4.8

Description A stored XSS issue exists, allowing potential exploitation via the /#/page API endpoint, specifically through the description parameter.

Recommendations For razorCMS version 3.4.8, update to a version that includes a fix for this issue, as using the current version poses a risk due to the stored XSS vulnerability in the description parameter of the /#/page endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.