{"id":"CVE-2018-6518","details":"Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.","modified":"2026-03-14T09:31:23.497940Z","published":"2018-04-26T14:29:00.657Z","references":[{"type":"EVIDENCE","url":"https://github.com/faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ocproducts/composr","events":[{"introduced":"0"},{"last_affected":"784c1e5636226beb8aae918936b0787d0bbcad4e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"10.0.13"}]}}],"versions":["10","10.0.1","10.0.10","10.0.11","10.0.12","10.0.13","10.0.2","10.0.3","10.0.4","10.0.5","10.0.6","10.0.7","10.0.8","10.0.9","10.RC1","10.RC10","10.RC11","10.RC12","10.RC13","10.RC14","10.RC15","10.RC16","10.RC17","10.RC18","10.RC19","10.RC2","10.RC20","10.RC21","10.RC22","10.RC23","10.RC24","10.RC25","10.RC27","10.RC28","10.RC29","10.RC3","10.RC3-2","10.RC30","10.RC31","10.RC32","10.RC33","10.RC4","10.RC5","10.RC7","10.RC8","10.RC9","10.beta2","10.beta3","10.beta4","10.beta5","10beta1","beta1_rerelease"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6518.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}