admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/20xxx/CVE-2018-20816.json

72 lines
2.4 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2019-04-05 16:01:08 +00:00
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the \"add dashboard pages\" feature where users can receive a malicious attack through a phished URL, with script executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/salesagility/SuiteDocs/pull/198/files",
"refsource": "MISC",
"name": "https://github.com/salesagility/SuiteDocs/pull/198/files"
},
{
"url": "https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11",
"refsource": "MISC",
"name": "https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11"
},
{
"url": "https://docs.suitecrm.com/admin/releases/7.8.x/#_7_8_24",
"refsource": "MISC",
"name": "https://docs.suitecrm.com/admin/releases/7.8.x/#_7_8_24"
}
]
}
}
Reference in New Issue Copy Permalink