camaleon_cms 2.7.4
1 security vulnerability
found in version
2.7.4
Camaleon CMS vulnerable to Stored Cross-site Scripting
medium severity CVE-2018-18260
medium severity
CVE-2018-18260
Unaffected versions:
< 2.4
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The
profile image in the User settings section can be run in the update / upload area
via /admin/media/upload?actions=false.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.