CVE-2018-5216 (radiant): Radiant CMS 1.1.4 Markdown admin/pages/*/edit part_body_content cross site scripting

Radiant CMS 1.1.4 Markdown admin/pages/*/edit part_body_content cross site scripting

Published: January 04, 2018

CVE: CVE-2018-5216 (NVD)
GHSA: GHSA-mvw8-v767-qhjm
Vendor Advisory: https://github.com/imsebao/404team/blob/master/radiantcms.md

CVSS v3.x: 5.4 (Medium)

CVSS v2.0: 3.5 (Low)

None available.

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the part_body_content parameter to an admin/pages/*/edit resource.