PT-2022-8064 · Unknown · Shred Cilla
Published: 2022-12-28 · Updated: 2024-05-17
CVE-2018-25054
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
shred cilla (affected versions not specified)
Description
A vulnerability was found in shred cilla, classified as problematic. It affects an unknown function of the file cilla-xample/src/main/webapp/WEB-INF/jsp/view/search.jsp of the component Search Handler. The manipulation of the details argument leads to cross-site scripting. This attack can be launched remotely.
Recommendations
To fix this issue, it is recommended to apply a patch. The name of the patch is d345e6bc7798bd717a583ec7f545ca387819d5c7. As a temporary workaround, consider restricting access to the vulnerable Search Handler component until a patch is applied. Avoid using the details argument in the affected search functionality until the issue is resolved.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Shred Cilla