Vulnerability Details CVE-2018-18547
Vesta Control Panel through 0.9.8-22 has XSS via the edit/web/ domain parameter, the list/backup/ backup parameter, the list/rrd/ period parameter, the list/directory/ dir_a parameter, or the filename to the list/directory/ URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-18547
-
cpe:2.3:a:vestacp:control_panel:0.9.7-13
-
cpe:2.3:a:vestacp:control_panel:0.9.7-14
-
cpe:2.3:a:vestacp:control_panel:0.9.7-15
-
cpe:2.3:a:vestacp:control_panel:0.9.7-16
-
cpe:2.3:a:vestacp:control_panel:0.9.7-17
-
cpe:2.3:a:vestacp:control_panel:0.9.7-18
-
cpe:2.3:a:vestacp:control_panel:0.9.7-19
-
cpe:2.3:a:vestacp:control_panel:0.9.7-20
-
cpe:2.3:a:vestacp:control_panel:0.9.7-21
-
cpe:2.3:a:vestacp:control_panel:0.9.7-22
-
cpe:2.3:a:vestacp:control_panel:0.9.8-1
-
cpe:2.3:a:vestacp:control_panel:0.9.8-10
-
cpe:2.3:a:vestacp:control_panel:0.9.8-11
-
cpe:2.3:a:vestacp:control_panel:0.9.8-12
-
cpe:2.3:a:vestacp:control_panel:0.9.8-13
-
cpe:2.3:a:vestacp:control_panel:0.9.8-14
-
cpe:2.3:a:vestacp:control_panel:0.9.8-15
-
cpe:2.3:a:vestacp:control_panel:0.9.8-16
-
cpe:2.3:a:vestacp:control_panel:0.9.8-17
-
cpe:2.3:a:vestacp:control_panel:0.9.8-18
-
cpe:2.3:a:vestacp:control_panel:0.9.8-19
-
cpe:2.3:a:vestacp:control_panel:0.9.8-2
-
cpe:2.3:a:vestacp:control_panel:0.9.8-20
-
cpe:2.3:a:vestacp:control_panel:0.9.8-21
-
cpe:2.3:a:vestacp:control_panel:0.9.8-22
-
cpe:2.3:a:vestacp:control_panel:0.9.8-3
-
cpe:2.3:a:vestacp:control_panel:0.9.8-4
-
cpe:2.3:a:vestacp:control_panel:0.9.8-5
-
cpe:2.3:a:vestacp:control_panel:0.9.8-6
-
cpe:2.3:a:vestacp:control_panel:0.9.8-7
-
cpe:2.3:a:vestacp:control_panel:0.9.8-8
-
cpe:2.3:a:vestacp:control_panel:0.9.8-9