1 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2
CVE-2018-13339
https://notcve.org/view.php?id=CVE-2018-13339
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035. Imperavi Redactor 3 en Angular Redactor 1.1.6, cuando se emplea el modo de contenido HTML, permite Cross-Site Scripting (XSS) persistente, tal y como queda demostrado con un atributo onerror de un elemento IMG. Esto está relacionado con CVE-2018-7035. • https://github.com/TylerGarlick/angular-redactor/issues/77 https://github.com/gleez/cms/issues/796 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •