CVE-2019-6278

MEDIUM

Jpress - XSS

Title source: rule

Description

XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option.

Exploits (1)

References (1)

Scores

CVSS v3 5.4
EPSS 0.0019
EPSS Percentile 40.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
jpress/jpress 1.0.4
Published Jan 14, 2019
Tracked Since Feb 18, 2026