CVE-2018-19546

Publication date

2018-11-26 07:00:00

Family

mitre

State

PUBLISHED

Description

JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter.