ReportizFlow
Filtered by vendor Alchemy-cms
Subscriptions
Filtered by product Alchemy Cms
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18307 | 1 Alchemy-cms | 1 Alchemy Cms | 2025-08-29 | N/A |
| A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized." | ||||
Page 1 of 1.