CVE-2018-10109

Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog.
References
Link Resource
https://github.com/monstra-cms/monstra/issues/435 Exploit Third Party Advisory
https://www.exploit-db.com/exploits/44502/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:*

Information

Published : 2018-04-16 09:58

Updated : 2018-05-16 03:21


NVD link : CVE-2018-10109

Mitre link : CVE-2018-10109

Products Affected
No products.
CWE