CVE-2018-19350
EUVD-2018-1104817.11.2018, 22:29
In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| seacms | seacms | 6.64 |
𝑥
= Vulnerable software versions