CVE-2018-14777

An issue was discovered in DataLife Engine (DLE) through 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.
References
Link Resource
https://cxsecurity.com/issue/WLB-2018080003 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:dleviet:datalife_engine:*:*:*:*:*:*:*:*

Information

Published : 2018-08-01 07:29

Updated : 2018-10-02 06:54


NVD link : CVE-2018-14777

Mitre link : CVE-2018-14777

Products Affected
No products.
CWE