Vulnerability Description
The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure.
CVSS Score
8.1
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Royalapplications | Royal Ts | <= 4.3.60728 |
| Microsoft | Windows | - |
| Royalapplications | Royal Tsx | <= 3.3.1 |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/150136/Royal-TS-X-Information-Disclosure.htExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Nov/25ExploitMailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2018/Nov/4ExploitMailing ListThird Party Advisory
- https://www.exploit-db.com/exploits/45783/ExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/150136/Royal-TS-X-Information-Disclosure.htExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Nov/25ExploitMailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2018/Nov/4ExploitMailing ListThird Party Advisory
- https://www.exploit-db.com/exploits/45783/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-18865?
CVE-2018-18865 is a vulnerability with a CVSS score of 8.1 (HIGH). The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure.
How severe is CVE-2018-18865?
CVE-2018-18865 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18865?
Check the references section above for vendor advisories and patch information. Affected products include: Royalapplications Royal Ts, Microsoft Windows, Royalapplications Royal Tsx, Apple Macos.