Cross-Site Scripting (XSS) Vulnerability in Statamic 2.10.3 via 'Add new user' Request

Cross-Site Scripting (XSS) Vulnerability in Statamic 2.10.3 via 'Add new user' Request

CVE-2018-19598 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request.

Learn more about our User Device Pen Test.