CVE-2018-7274 – Yab Quarx 2.4.3 Cross Site Scripting

https://notcve.org/view.php?id=CVE-2018-7274

Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name). Yab Quarx, hasta la versión 2.4.3, es propenso a múltiples vulnerabilidades de Cross-Site Scripting (XSS) persistente: Blog (título), FAQ (pregunta), Pages (título), Widgets (nombre), and Menus (nombre). Yab Quarx versions 2.4.3 and below suffer from multiple cross site scripting vulnerabilities. • http://www.securityfocus.com/bid/103081 https://github.com/YABhq/Quarx/issues/116 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •