CVE-2018-18307
- Source
- https://cve.org/CVERecord?id=CVE-2018-18307
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18307.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-18307
- Published
- 2018-10-16T22:29:01.697Z
- Modified
- 2026-04-10T04:08:44.812688Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized."
- References
-
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/base_controller.rb#L15
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/pictures_controller.rb#L5
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/resources_controller.rb#L21
- https://www.exploit-db.com/exploits/45601
- http://packetstormsecurity.com/files/149787/Alchemy-CMS-4.1-Stable-Cross-Site-Scripting.html
Affected packages
Git / github.com/alchemycms/alchemy_cms
Affected versions
v.*
v.1.5.2
v1.*
v1.1.1
v1.2.0
v1.5.0
v1.5.1
v2.*
v2.0
v2.0.3
v2.0.3.1
v2.0.4
v2.0.5
v2.0.6
v2.0.6.1
v2.0.pre5
v2.0.rc1
v2.0.rc2
v2.0.rc3
v2.1.1
v2.1.2
v2.1.7b
v2.2.0
v2.2.rc1
v2.2.rc11
v2.2.rc13
v2.2.rc14
v2.2.rc15
v2.2.rc2
v2.2.rc3
v2.2.rc6
v2.2.rc7
v2.2.rc8
v2.3.rc5
v2.4.beta2
v2.4.rc1
v2.4.rc2
v2.4.rc4
v2.5.0.b2
v2.5.0.b5
v2.5.0.b9
v2.5.0.rc3
v2.5.0.rc4
v2.6.0.rc5
v3.*
v3.0.0
v3.0.0.rc5
v3.0.0.rc6
v3.0.0.rc7
v3.0.0.rc8
v3.1.0.beta1
v3.1.0.beta2
v3.1.0.beta3
v3.1.0.beta4
v3.1.0.beta5
v3.1.0.beta6
v3.1.0.rc1
v3.2.0.beta
v3.3.0.rc1
v3.3.0.rc2
v3.6.0
v4.*
v4.0.0.beta
v4.0.0.rc1
v4.0.0.rc2
v4.1.0
v4.1.0.beta
v4.1.0.rc1