CVE-2018-19599

Publication date

2020-03-02 19:45:40

Family

mitre

State

PUBLISHED

Description

Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.