Back to search
CVE-2018-7746
Published: Mar 7, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
44416
exploit
x_refsource_EXPLOIT-DB
https://github.com/cobub/razor/issues/161
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now