CVE-2018-16481 - AskarLabs CVE Database

CVE-2018-16481

Vendor Hackerone

Product html-pages

Weakness CWE-79 · XSS

Published February 1, 2019

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.

Key dates

02Disclosure timeline

February 1, 2019 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-16481

Related vulnerabilities

04Related CVE

CVE-2021-39201 Authenticated cross-site scripting (XSS) in WordPress editor CVE-2022-1001 WP Downgrade < 1.2.3 - Admin+ Stored Cross-Site Scripting CVE-2025-14991 Campcodes Complete Online Beauty Parlor Management System bwdates-reports-details.php cross site scripting CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal CVE-2023-39926 WordPress Under Construction / Maintenance Mode from Acurax Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)