Vulnerability Details CVE-2018-16979
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.2
EPSS Ranking 95.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
Products affected by CVE-2018-16979
-
cpe:2.3:a:monstra:monstra:3.0.4