CVE-2018-10109

Published: 2018-04-16T09:58Z

Last Modified: 2024-11-21T03:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt