CVE-2018-20486

CVE-2018-20486

EPSS 0.7%

MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://forum.metinfo.cn/thread-1300-1-1.html https://github.com/Ppsoft1990/Metinfo6.1.3/issues/2