CVE-2018-25073

Summary

A vulnerability has been found in Newcomer1989 TSN-Ranksystem up to 1.2.6 and classified as problematic. This vulnerability affects the function getlog of the file webinterface/bot.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.2.7 is able to address this issue. The patch is identified as b3a3cd8efe2cd3bd3c5b3b7abf2fe80dbee51b77. It is recommended to upgrade the affected component. VDB-218002 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Newcomer1989TSN-Ranksystem1.2.0affected
Newcomer1989TSN-Ranksystem1.2.1affected
Newcomer1989TSN-Ranksystem1.2.2affected
Newcomer1989TSN-Ranksystem1.2.3affected
Newcomer1989TSN-Ranksystem1.2.4affected
Newcomer1989TSN-Ranksystem1.2.5affected
Newcomer1989TSN-Ranksystem1.2.6affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References