CVE-2018-7274 – Yab Quarx 2.4.3 Cross Site Scripting

https://notcve.org/view.php?id=CVE-2018-7274

21 Feb 2018 — Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name). Yab Quarx, hasta la versión 2.4.3, es propenso a múltiples vulnerabilidades de Cross-Site Scripting (XSS) persistente: Blog (título), FAQ (pregunta), Pages (título), Widgets (nombre), and Menus (nombre). Yab Quarx versions 2.4.3 and below suffer from multiple cross site scripting vulnerabilities. • https://packetstorm.news/files/id/146496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •