CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-11011
https://notcve.org/view.php?id=CVE-2018-11011
ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java. ruibaby Halo 0.0.2 tiene Cross-Site Scripting (XSS) persistente mediante el campo commentAuthor en FrontCommentController.java. • https://github.com/ruibaby/halo/issues/9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-11012
https://notcve.org/view.php?id=CVE-2018-11012
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java. ruibaby Halo 0.0.2 tiene Cross-Site Scripting (XSS) persistente mediante los parámetros loginName y loginPwd en un intento fallido de inicio de sesión en AdminController.java. • https://github.com/ruibaby/halo/issues/9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •