CVE-2018-16405

CVE-2018-16405

EPSS 1.3%

An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e https://gitlab.com/mayan-edms/mayan-edms/issues/494