CVE-2018-18825

{"id": "CVE-2018-18825", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2018-10-30T06:29:00.390", "references": [{"url": "https://github.com/misterrou/rourou/blob/master/bt.docx", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/misterrou/rourou/blob/master/bt.docx", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Pagoda Linux panel V6.0 has XSS via the verification code associated with an invalid account login. A crafted code is mishandled during rendering of the login log."}, {"lang": "es", "value": "El panel de Pagoda Linux V6.0 tiene Cross-Site Scripting (XSS) mediante el c\u00f3digo de verificaci\u00f3n asociado con un inicio de sesi\u00f3n inv\u00e1lido. Se gestiona de manera incorrecta un c\u00f3digo durante el renderizado del registro de inicios de sesi\u00f3n."}], "lastModified": "2024-11-21T03:56:41.660", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pagoda_linux_project:pagoda_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD7E6F45-6C64-47EB-8145-1CF4EE8673B2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}