CVE-2018-25073

Description

A vulnerability has been found in Newcomer1989 TSN-Ranksystem up to 1.2.6 and classified as problematic. This vulnerability affects the function getlog of the file webinterface/bot.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.2.7 is able to address this issue. The name of the patch is b3a3cd8efe2cd3bd3c5b3b7abf2fe80dbee51b77. It is recommended to upgrade the affected component. VDB-218002 is the identifier assigned to this vulnerability.

Related CPE's

ats-ranksystemtsn-ranksystem********

References

https://github.com/Newcomer1989/TSN-Ranksystem/releases/tag/1.2.7

Release NotesThird Party Advisory

https://vuldb.com/?ctiid.218002

Third Party Advisory

https://github.com/Newcomer1989/TSN-Ranksystem/pull/467

PatchThird Party Advisory

https://vuldb.com/?id.218002

Third Party Advisory

https://github.com/Newcomer1989/TSN-Ranksystem/commit/b3a3cd8efe2cd3bd3c5b3b7abf2fe80dbee51b77

PatchThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io