CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14850

All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with access to the web interface is able to hijack sessions or navigate victims outside of SiteOmat, to a malicious server owned by him.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/108167
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
https://www.orpak.com
http://www.securityfocus.com/bid/108167
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
https://www.orpak.com

Products affected by CVE-2017-14850

Orpak » Siteomat » Version: Any

cpe:2.3:a:orpak:siteomat:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14850

Products

Pricing

Contact Us