CVE-2017-6490 (epesi)

CVE-2017-6490 (epesi)

Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI The vulnerabilities exist due to insufficient filtration of user-supplied data (cid, value, element, mode, tab, form_name, id) passed to the EPESI-master/modules/Utils/RecordBrowser/grid.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Source: CVE-2017-6490 (epesi)

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.