CVE-2018-3755

EPSS 0.27% · P50 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-3755

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with <iframe> element used in directory name.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

sexstatic 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

sexstatic是一款静态文件服务器。 sexstatic 0.6.2及之前版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞在浏览器上执行任意JavaScript代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
HackerOne	sexstatic	<=0.6.2	-

II. Public POCs for CVE-2018-3755

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-3755

Please Login to view more intelligence information

https://hackerone.com/reports/328210x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2018-3755

Same Patch Batch · HackerOne · 2018-06-01 · 52 CVEs total

CVE-2016-10618		node-browser 安全漏洞
CVE-2016-10634		scala-standalone-bin 安全漏洞
CVE-2016-10633		dwebp-bin 安全漏洞
CVE-2016-10628		selenium-wrapper 安全漏洞
CVE-2016-10631		jvminstall安全漏洞
CVE-2016-10630		install-g-tes 安全漏洞
CVE-2016-10629		nw-with-arm 安全漏洞
CVE-2016-10632		apk-parser2 安全漏洞
CVE-2016-10620		atom-node-module-installer 安全漏洞
CVE-2016-10619		pennyworth 安全漏洞
CVE-2016-10621		fibjs 安全漏洞
CVE-2016-10617		box2d-native 安全漏洞
CVE-2016-10616		openframe-image 安全漏洞
CVE-2016-10615		curses 安全漏洞
CVE-2016-10614		httpsync 安全漏洞
CVE-2016-10613		bionode-sra 安全漏洞
CVE-2016-10612		dalek-browser-ie-canary 安全漏洞
CVE-2016-10610		unicode-json 安全漏洞
CVE-2016-10609		chromedriver126 安全漏洞
CVE-2016-10608		robot-js 安全漏洞

Showing top 20 of 52 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: HackerOne

Same weakness: CWE-79

V. Comments for CVE-2018-3755

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-3755

I. Basic Information for CVE-2018-3755

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-3755

III. Intelligence Information for CVE-2018-3755

Same Patch Batch · HackerOne · 2018-06-01 · 52 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-3755

Leave a comment