CVE-2018-11352

by Fred · 21/09/2018

The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. This vulnerability enables the execution of a JavaScript payload each time an administrator visits the configuration page. The vulnerability can be exploited with authentication and used to target administrators and steal their sessions.

Date published : 2018-09-21

https://www.bishopfox.com/news/2018/09/wallabag-2-2-3-to-2-3-2-stored-cross-site-scripting/

CVE-2018-11352

Similar

Recent Posts

Categories

CVE-2018-11352

Share this:

Similar

Recent Posts

Categories

Tags