Vulnerability Database
Blog
FAQ
Docs
CVE-2018-10364
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-10364
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10364.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-10364
Published
2018-04-30T21:29:00Z
Modified
2025-01-08T10:15:53.927633Z
Severity
5.4 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
[none]
Details
BigTree before 4.2.22 has XSS in the Users management page via the name or company field.
References
https://github.com/bigtreecms/BigTree-CMS/commit/b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6
https://github.com/bigtreecms/BigTree-CMS/issues/332
https://github.com/bigtreecms/BigTree-CMS#changelog
Affected packages
Git
/
github.com/bigtreecms/bigtree-cms
Affected ranges
Type
GIT
Repo
https://github.com/bigtreecms/bigtree-cms
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6
Fixed
b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6
Affected versions
4.*
4.0
4.0.1
4.0.2
4.0.3
4.0RC2
4.0b7
4.0beta2
4.0beta4
4.0beta5
4.0beta6
4.0rc1
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2
4.2.10
4.2.11
4.2.12
4.2.13
4.2.14
4.2.15
4.2.16
4.2.17
4.2.18
4.2.19
4.2.2
4.2.20
4.2.21
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
Other
RC2
v4.*
v4.0b1
v4.0b3
CVE-2018-10364 - OSV