CVE-2017-1000495

Published January 3rd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

3.5

LOW

Affected

PROJECT

Description

QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing unauthorised actions with an administrator user's account

quickapps/cms

Modular CMS powered by CakePHP

GitHub

163