CVE-2018-16629

CVE-2018-16629

EPSS 0.6%

panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/security-breachlock/CVE-2018-16629/blob/master/subrion_cms.pdf