CVE-2018-16250 Information

Description

The \utilisateur\ menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information with the \first name\ and \last name\ parameters.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Reference

https://github.com/Creatiwity/wityCMS/issues/156

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4