Description

admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag.

Remediation

References

CVE-2018-13423

Related Vulnerabilities

WordPress Plugin yURL ReTwitt Cross-Site Request Forgery (1.4)

WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0)

WordPress 5.7.x Directory Traversal (5.7 - 5.7.11)

PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3796)

WordPress Plugin Fusion:Extension-Gallery Multiple Unspecified Vulnerabilities (1.0.4)

Severity

Medium

Classification

CVE-2018-13423 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities