PT-2019-19255 · Wtcms · Wtcms
Assassins-White
·
Published
2019-02-18
·
Updated
2019-02-19
·
CVE-2019-8911
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
WTCMS version 1.0
Description
An issue was discovered that allows stored XSS via the third text box, which is used for the website statistics code.
Recommendations
For WTCMS version 1.0, consider disabling the third text box for website statistics code until a patch is available to prevent exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wtcms