Podatność CVE-2018-7747

Podatność CVE-2018-7747

Publikacja: 2018-04-20

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
3.5/10	2.9/10	6.8/10

Affected software
Calderalabs -> Caldera forms
Calderaforms -> Caldera forms

http://packetstormsecurity.com/files/147257/WordPress-Caldera-Forms-1.5.9.1-Cross-Site-Scripting.html

https://calderaforms.com/2018/03/caldera-forms-1-6-is-here/

https://calderaforms.com/updates/caldera-forms-1-6-0/#security

https://wordpress.org/plugins/caldera-forms/#developers

https://www.exploit-db.com/exploits/44489/