CVE-2018-10364
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-10364
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10364.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-10364
- Published
- 2018-04-30T21:29:00.267Z
- Modified
- 2025-11-20T10:44:50.148335Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
BigTree before 4.2.22 has XSS in the Users management page via the name or company field.
- References
Affected packages
Git / github.com/bigtreecms/bigtree-cms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bigtreecms/bigtree-cms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
4.*
4.0
4.0.1
4.0.2
4.0.3
4.0RC2
4.0b7
4.0beta2
4.0beta4
4.0beta5
4.0beta6
4.0rc1
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2
4.2.10
4.2.11
4.2.12
4.2.13
4.2.14
4.2.15
4.2.16
4.2.17
4.2.18
4.2.19
4.2.2
4.2.20
4.2.21
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
Other
RC2
v4.*
v4.0b1
v4.0b3