GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.
History

Thu, 19 Sep 2024 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Sir
Sir gnuboard
CPEs cpe:2.3:a:gnuboard:gnuboard5:5.3.1.9:*:*:*:*:*:*:* cpe:2.3:a:sir:gnuboard:5.3.1.9:*:*:*:*:*:*:*
Vendors & Products Gnuboard
Gnuboard gnuboard5
Sir
Sir gnuboard

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-23T16:03:29

Updated: 2024-08-05T11:16:00.190Z

Reserved: 2018-10-26T00:00:00

Link: CVE-2018-18670

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-23T17:15:11.153

Modified: 2024-11-21T03:56:21.127

Link: CVE-2018-18670

cve-icon Redhat

No data.