CVE-2018-7274

Name of the Vulnerable Software and Affected Versions Yab Quarx versions 2.4.3 and prior Yab Quarx versions prior to 2.4.5

Description The issue affects multiple components, including Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name), due to multiple persistent cross-site scripting vulnerabilities.

Recommendations For Yab Quarx versions 2.4.3 and prior, consider updating to version 2.4.5 or later to resolve the issue. For Yab Quarx versions prior to 2.4.5, update to version 2.4.5 or later to fix the problem. As a temporary workaround, consider restricting user input for the affected components, such as Blog titles, FAQ questions, Page titles, Widget names, and Menu names, until a patch is available.