{"id":"CVE-2018-20663","details":"The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the \"Reports \u003e Reports\" name field.","aliases":["GHSA-rff7-964g-pppx"],"modified":"2026-03-14T09:29:20.617905Z","published":"2019-01-03T19:29:01.633Z","references":[{"type":"EVIDENCE","url":"https://github.com/cuba-platform/reports/issues/140"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cuba-platform/cuba","events":[{"introduced":"0"},{"last_affected":"b9c3ee31ce83223e3761d27f53d5ce8dd29002bd"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.10.7"}]}}],"versions":["6.10.0","6.10.0-BETA1","6.10.0.BETA1","6.10.1","6.10.2","6.10.3","6.10.4","6.10.5","6.10.6","6.10.7","6.5.0.M1","6.6.0.RC1","6.9.0.BETA1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20663.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2019-01-02"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}