Vulnerability CVE-2018-17025


Published: 2018-09-13   Modified: 2018-09-14

Description:
admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an edit_page action for a page with no special role.

 References:
https://github.com/monstra-cms/monstra/issues/458

Copyright 2018, cxsecurity.com

 

Back to Top