{"id":"CVE-2018-16551","details":"LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit.","aliases":["GHSA-pxxp-283v-xpq5"],"modified":"2026-04-10T04:06:47.793390Z","published":"2018-09-05T22:29:00.397Z","references":[{"type":"EVIDENCE","url":"https://github.com/LavaLite/cms/issues/259"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lavalite/cms","events":[{"introduced":"0"},{"last_affected":"5bd32df9ca672575c3f750f140d62f579684ccff"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.5.0"}]}}],"versions":["5.5.0","v5.1.1","v5.2.1","v5.2.2","v5.2.3","v5.2.4","v5.3.1","v5.3.2","v5.3.3","v5.3.4","v5.3.5","v5.3.6","v5.3.7","v5.4.0","v5.4.1","v5.4.2","v5.4.3","v5.4.4","v5.4.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16551.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}