cvedb.io
CVE-2018-1000084
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2018-03-13T15:29:01.067 · Last modified 2026-06-17T01:32:23.563

Summary

WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need to enter the Javascript code into Layout Name .

Affected products

wolfcms — wolf_cms

Does this affect you?

Add your gear to cvedb and we'll alert you only when wolfcms ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.