Skip to main content

Sexstatic

1 CVEs product

Monthly

CVE-2018-3755 npm MEDIUM POC This Month

XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with <iframe> element used in directory name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sexstatic
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with <iframe> element used in directory name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sexstatic
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy