PT-2018-9849 · Bigtree · Bigtree
Hazzel-Cno
·
Published
2018-04-30
·
Updated
2018-06-05
·
CVE-2018-10364
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
BigTree versions prior to 4.2.22
Description:
The issue concerns a problem with the Users management page, where input in the
name or company field is not properly sanitized, leading to potential XSS issues.Recommendations:
For versions prior to 4.2.22, update to version 4.2.22 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bigtree