CVE Daily

CVE-2018-20367

The "mall some commodity details: commodity consultation" component in WSTMart 2...

Medium CVSS 6.1

Overview

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI.

CWE: CWE-79 Published: 2018-12-22T19:29:00.193
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.1 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags