CVE-2018-20837

CVE-2018-20837

EPSS 0.7%

include/admin/Menu/Ajax.php in Typesetter 5.1 has index.php/Admin/Menu/Ajax?cmd=AddHidden title XSS.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Typesetter/Typesetter/commit/fd637e2919e7f77c498a91a8e9d353f8e12afc9a https://www.netsparker.com/web-applications-advisories/ns-18-026-reflected-cross-site-scripting-in-typesetter/