CVE-2018-16235 Information

Feb 14, 2021 cve

Description

Telligent Community 6.x 7.x 8.x 9.x before 9.2.10.11796 10.1.x before 10.1.10.11792 and 10.2.x before 10.2.3.4725 has XSS via the Feed RSS widget.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://community.telligent.com/community/10/w/user-documentation/61996/release-notes https://community.telligent.com/community/9/w/user-documentation/52752/release-notes https://www.horizonsecurity.it/lang_EN/advisories/?a=10

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1

Share on: