Security Advisory

CVE-2018-18260

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-15 00:00:00

Last updated 2024-08-05 11:08:20

Assigner mitre

State PUBLISHED

Description

In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false. NOTE: the vendor reports that they are "unable to reproduce the reported issue on any version."

← Browse all CVEs View on cve.org ↗