CVE-2018-19599

Published March 2nd, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.

monstra-cms/monstra

THIS PROJECT IS NOT SUPPORTED ANYMORE! Check FLEXTYPE.ORG

GitHub

390