CVE-2018-16484

Summary

A XSS vulnerability was found in module m-server <1.4.2 that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names.

Affected Software

VendorProductVersion RangeStatus
HackerOnem-server<1.4.2affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Stored (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References