CVE-2018-8832

Published: 2018-03-20T21:29Z

Last Modified: 2024-11-21T04:14Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group name. The XSS attack launches when a victim visits the admin user group page. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt