CVE-2018-18865

HIGH

Royalapplications Royal TS < 4.3.60728 - Information Disclosure

Title source: rule

Description

The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure.

Exploits (1)

exploitdb WORKING POC
by Jakub Palaczynski · htmlwebappsjson
https://www.exploit-db.com/exploits/45783

References (4)

Scores

CVSS v3 8.1
EPSS 0.2044
EPSS Percentile 95.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (2)
royalapplications/royal_ts < 4.3.60728
royalapplications/royal_tsx < 3.3.1
Published Nov 20, 2018
Tracked Since Feb 18, 2026