CVE-2018-19901
https://notcve.org/view.php?id=CVE-2018-19901
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. La versión 1.1.3 de No-CMS es propenso a Cross-Site Scripting (XSS) persistente mediante el parámetro "article title" en blog/manage_article/index/. • https://github.com/security-breachlock/CVE-2018-19901/blob/master/XSS-1.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-19902
https://notcve.org/view.php?id=CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. La versión 1.1.3 de No-CMS es propenso a Cross-Site Scripting (XSS) persistente mediante el parámetro "keyword" en blog/manage_article. • https://github.com/security-breachlock/CVE-2018-19902/blob/master/XSS.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-18868
https://notcve.org/view.php?id=CVE-2018-18868
No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name parameter, as demonstrated by the VG48Z5PqVWname parameter. No-CMS 1.1.3 es propenso a Cross-Site Scripting (XSS) persistente mediante un parámetro contact_us name, tal y como queda demostrado con el parámetro VG48Z5PqVWname. • https://github.com/s-kustm/Subodh/blob/master/CVE-2018-18868.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •