Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-7274

Publish Date: 21 Feb 2018

Source

                							

                1. Introduction

Vendor                  :  Yab
Affected Product        : Quarx through 2.4.3 
Fixed in                : Quarx 2.4.5 and 2.4.6
Vendor Website          : https://quarxcms.com/
Vulnerability Type      : Persistent XSS
Remote Exploitable      : Yes
CVE External Identifier : CVE-2018-7274 


2. Technical Description

There are multiple Persistent XSS vulnerabilities in Quarx Content Management System. These vulnerabilities exists 
due to insufficient sanitization of user-supplied data. 


3. Affected pages and parameters:

Blog -&gt; 'Title'
FAQ -&gt; 'Question'
Pages -&gt; 'Title'
Widgets -&gt; 'Name'
Menus -&gt; 'Name'

5. Credit

Preethi Koroth (@p3core0ath)

6. Reference:
https://github.com/YABhq/Quarx/issues/115
<p>

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Yab Quarx 2.4.3 Cross Site Scripting

Vulmon Search

About

Products

Connect