CVE-2018-6842: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

March 19, 2018 (updated April 12, 2018)

Kentico has XSS in which a crafted URL results in improper construction of a system page.

References

gist.github.com/zamous/c0afd7e21f3111de873c7bef6dcd9dd7
nvd.nist.gov/vuln/detail/CVE-2018-6842

Code Behaviors & Features

Detect and mitigate CVE-2018-6842 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →