CVE-2017-11202CVE-2017-11202

Affected configuration(s):

cpe:/a:finecms_project:finecms:-

Date published: 2017-07-12T21:29:01.577-04:00

Date last modified: 2017-07-16T07:06:37.707-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Stored-XSS-in-visitors-php

Summary: FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.