| ID | CVE-2018-19146 | ||||||
| Sažetak | Concrete5 8.4.3 has XSS because config/concrete.php allows uploads (by administrators) of SVG files that may contain HTML data with a SCRIPT element. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:S/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 15-07-2021 - 20:43 | ||||||
| Objavljeno | 17-06-2019 - 20:15 |

