CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-18673

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-bf0e19438d64230c1541bcbf9746e6e5
https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172
https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0
https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-bf0e19438d64230c1541bcbf9746e6e5
https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172
https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0

Products affected by CVE-2018-18673

Sir » Gnuboard » Version: 5.3.1.9

cpe:2.3:a:sir:gnuboard:5.3.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18673

Products

Pricing

Contact Us