CVE-2018-5215 — Cross-site Scripting in Fork CMS

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 48.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

2

Forkcms Fork-cms Fork CMS

Timeline

PublishedJan 4

Latest updateMay 14

Description

Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

▶Packagistforkcms/forkcms5.0.7

▶NVDfork-cms/fork_cms5.0.7

🔴Vulnerability Details

2

GHSA

Fork CMS XSS Vulnerability↗2022-05-14

▶

OSV

Fork CMS XSS Vulnerability↗2022-05-14

▶

CVE-2018-5215 — Cross-site Scripting in Fork CMS | cvebase