Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2018-25051
PUBLISHED
More InfoOfficial Page
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
View Known Exploited Vulnerability (KEV) details
Published At-28 Dec, 2022 | 11:17
Updated At-01 Jan, 1000 | 00:00
Rejected At-
▼CVE Numbering Authority (CNA)
JmPotato Pomash editor.html cross site scripting

A vulnerability, which was classified as problematic, was found in JmPotato Pomash. This affects an unknown part of the file Pomash/theme/clean/templates/editor.html. The manipulation of the argument article.title/content.title/article.tag leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is be1914ef0a6808e00f51618b2de92496a3604415. It is recommended to apply a patch to fix this issue. The identifier VDB-216957 was assigned to this vulnerability.

Affected Products
Vendor
JmPotato
Product
Pomash
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-79CWE-79 Cross Site Scripting
Metrics
VersionBase scoreBase severityVector
3.12.4LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3.02.4LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Advisory disclosed2022-12-28 00:00:00
VulDB entry created2022-12-28 01:00:00
VulDB last update2022-12-28 12:22:17
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.216957
vdb-entry
technical-description
https://vuldb.com/?ctiid.216957
signature
permissions-required
https://github.com/JmPotato/Pomash/commit/be1914ef0a6808e00f51618b2de92496a3604415
patch
Details not found