CVE-2018-16474

CVE-2018-16474

Vendor Npm

Product tianma-static

Weakness CWE-79 · XSS

Published November 6, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A stored xss in tianma-static module versions <=1.0.4 allows an attacker to execute arbitrary javascript.

Key dates

02Disclosure timeline

November 6, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-16474

Related vulnerabilities

04Related CVE

CVE-2024-4975 code-projects Simple Chat System Message cross site scripting CVE-2025-8740 zhenfeng13 My-Blog Category save cross site scripting CVE-2024-49751 Frappe Press possible HTML injection through SaaS Signup inputs CVE-2026-12130 CodeAstro Human Resource Management System Projects Management Add_Projects cross site scripting CVE-2022-30679 AEM Reflected XSS Arbitrary code execution