CVE-2017-1000457

CVE-2017-1000457

Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or "Content Administrators" role.

Source: CVE-2017-1000457

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다