rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting

Releases0

Craft CMS 3.0.25 - Cross-Site Scripting Vulnerability

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-20418 ↗	Dec 24, 2018Monday, 24 December 2018, 04:29	—	3.5 LOW
index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.