Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-7261

Publish Date: 20 Feb 2018

Source

                							

                *1. Introduction*

Vendor      : Radiant
Affected Product  : Radiant CMS 1.1.4
Fixed in    : NA
Vendor Website         : http://radiantcms.org/
Vulnerability Type  : Persistent XSS
Remote Exploitable  : Yes
CVE External Identifier  : CVE-2018-7261  


*2. Overview*

Technical Description:

There are multiple Persistent XSS vulnerabilities in Radiant Content Management System. These vulnerabilities exists due to insufficient filtration/sanitization of user-supplied data. 


*3. Affected Modules*

This affects multiple parameters within:

1. Personal Preferences :  Name and Username
2. Configuration : Site Title, Dev Site Domain, Page Parts, and Page Fields

*4. Impact*

A remote attacker may leverage this issue to execute arbitrary script code in the browser of victim in the context of the affected CMS. 

*5. Payload*

&lt;script&gt;alert('XSS')&lt;/script&gt;

*6. Credit*

Suparna Kachroo (@Sud0__su)
<p>

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Radiant CMS 1.1.4 Cross Site Scripting

Vulmon Search

About

Products

Connect