CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11680

An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.7%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

http://www.8sec.cc/archives/619
http://www.8sec.cc/archives/619

Products affected by CVE-2018-11680

Cmseasy » Cmseasy » Version: 6.0

cpe:2.3:a:cmseasy:cmseasy:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11680

Products

Pricing

Contact Us