CVE-2018-8815
- Source
- https://cve.org/CVERecord?id=CVE-2018-8815
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8815.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-8815
- Published
- 2018-03-20T07:29:00.307Z
- Modified
- 2026-04-10T04:11:31.485408Z
- Severity
-
- 4.6 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.
- References
Affected packages
Git / github.com/alkacon/opencms-core
Affected versions
Other
build_10_0_0
build_10_0_0_alpha_1
build_10_0_0_alpha_1u
build_10_0_0_alpha_2
build_10_0_0_beta
build_10_0_0_beta3
build_10_0_0_beta4
build_10_0_0_beta_2
build_10_5_0
build_10_5_0_1
build_10_5_0_2
build_10_5_0_3
build_10_5_0_5
build_10_5_0_beta
build_10_5_1
build_10_5_2
build_10_5_3
build_10_5_x_cmsdays
build_4_7_10
build_4_7_11
build_4_7_12
build_4_7_13
build_4_7_14
build_4_7_6
build_4_7_8
build_4_7_9
build_5_0_0
build_5_0_0_beta_1
build_5_0_0_beta_2
build_5_0_0_rc_1
build_5_0_0_rc_2
build_5_1_0
build_5_1_1
build_5_1_10
build_5_1_11
build_5_1_12
build_5_1_3
build_5_1_4
build_5_1_5
build_5_1_6
build_5_1_7
build_5_1_8
build_5_1_9
build_5_3_1
build_5_3_3
build_5_3_4
build_5_3_5
build_5_3_6
build_5_5_1
build_5_5_2
build_5_5_3
build_5_5_4
build_5_7_1
build_5_7_2
build_5_7_3
build_5_9_1
build_5_9_2
build_6_0_0
build_6_0_1
build_6_0_2
build_6_0_3
build_6_0_4
build_6_0_5
build_6_1_13
build_6_2_0
build_6_2_1
build_6_2_2
build_6_2_3
build_7_0_0
build_7_0_1
build_7_0_2
build_7_0_4
build_7_3_0
build_7_5_0_beta_1
build_7_9_2
build_8_0_0
build_8_0_1
build_8_0_2
build_8_0_2_1
build_8_0_3
build_8_5_0
build_8_5_1
build_8_7_0
build_8_9_0
build_9_0_0
build_9_0_0_1
build_9_5_0