CVE-2018-20806


03/17/2019

CVE-2018-20806

Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).

Attack vector: 
Network

Product: 
phamm: phamm

References: 
https://github.com/lota/phamm/issues/24

Severity: 
Medium

CVSS Score: 
4.3

CVSS Vector: 
(AV:N/AC:M/Au:N/C:N/I:P/A:N)



Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *