CVE-2018-6506

N/A

Descripcion

Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado2/12/2018

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

minibb:minibb

Debilidades (CWE)

CWE-79

Referencias

https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/(cve@mitre.org)

https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.