Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0.9.x before 0.9.3 allows remote attackers to inject arbitrary code via the login form's username field (aka the login parameter to the ban_canLogin function in index.php).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-01-05T20:00:00
Updated: 2024-08-05T05:33:44.318Z
Reserved: 2018-01-05T00:00:00
Link: CVE-2018-5249
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-01-05T20:29:00.220
Modified: 2024-11-21T04:08:25.457
Link: CVE-2018-5249
Redhat
No data.