← Back to CVE List
CVE-2018-8906
dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt