{"id":"CVE-2018-19901","details":"No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ \"article_title\" parameter.","modified":"2026-04-10T04:08:53.003407Z","published":"2018-12-31T15:29:00.443Z","references":[{"type":"EVIDENCE","url":"https://github.com/security-breachlock/CVE-2018-19901/blob/master/XSS-1.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gofrendiasgard/no-cms","events":[{"introduced":"0"},{"last_affected":"0e633229b767058c07357a12e33d34419a13204e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.1.3"}]}}],"versions":["v0.6.6-alpha","v1.1.3","v_0.5.0_stable","v_0.5.1_RC1","v_0.5.1_RC2","v_0.5.1_stable","v_0.5.5_RC1","v_0.5.5_RC2","v_0.5.5_RC3_feature_freezed","v_0.5.5_stable","v_0.5.5_stable_rev1","v_0.5.5_stable_rev2","v_0.5.6_dev","v_0.6.0_stable","v_0.6.0_stable_rev1","v_0.6.1_RC1","v_0.6.1_RC2","v_0.6.1_dev","v_0.6.1_stable","v_0.6.2_stable","v_0.6.5_stable","v_0.6.6_stable"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19901.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}