CVE-2018-18668

Published August 26th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.

gnuboard/gnuboard5

그누보드5 (영카트 포함) 공개형 Git

GitHub

342