CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3425

Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://packetstormsecurity.com/files/134177/Accentis-Content-Resource-Management-System-Cross-Site-Scripting.html
http://packetstormsecurity.com/files/134177/Accentis-Content-Resource-Management-System-Cross-Site-Scripting.html

Products affected by CVE-2015-3425

Accentis » Content Resource Management System » Version: Any

cpe:2.3:a:accentis:content_resource_management_system:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3425

Products

Pricing

Contact Us